Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Heap Buffer Overflow in Tcg2MeasurePeImage
Vulnerability Description
EDK2 is susceptible to a vulnerability in the Tcg2MeasurePeImage() function, allowing a user to trigger a heap buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of confidentiality, integrity, and/or availability.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H
Vulnerability Type
堆缓冲区溢出
Vulnerability Title
EDK2 安全漏洞
Vulnerability Description
EDK2是Tianocore社区的一套基于UEFI和PI规范的跨平台固件开发环境。 EDK2 202311及之前版本存在安全漏洞,该漏洞源于Tcg2MeasureImage()函数存在缓冲区溢出漏洞。
CVSS Information
N/A
Vulnerability Type
N/A