Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Integer Overflow in CreateHob
Vulnerability Description
EDK2 is susceptible to a vulnerability in the CreateHob() function, allowing a user to trigger a integer overflow to buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of confidentiality, integrity, and/or availability.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H
Vulnerability Type
整数溢出导致缓冲区溢出
Vulnerability Title
EDK2 安全漏洞
Vulnerability Description
EDK2是Tianocore社区的一套基于UEFI和PI规范的跨平台固件开发环境。 EDK2 202311及之前版本存在安全漏洞,该漏洞源于CreateHob()函数存在缓冲区溢出漏洞。
CVSS Information
N/A
Vulnerability Type
N/A