Описание
An unlimited recursion in DxeCore in EDK II.
A flaw was found in edk2. An unlimited recursion in DxeCore may allow an attacker to corrupt the system memory. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 7 | ovmf | Out of support scope | ||
| Red Hat Enterprise Linux 9 | edk2 | Not affected | ||
| Red Hat Enterprise Linux 8 | edk2 | Fixed | RHSA-2021:4198 | 09.11.2021 |
Показывать по
10
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-674
https://bugzilla.redhat.com/show_bug.cgi?id=1883552edk2: unlimited FV recursion, round 2
7.8 High
CVSS3
7.8 High
CVSS3