CVE-2021-28211
Description
A heap overflow in LzmaUefiDecompressGetInfo function in EDK II.
Risk Information
Base Score
6.7
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.06
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| SUSE-SU-2021:0987-1(SUSE Linux Enterprise Server 12-SP5 ) ovmf-2017+git1510945757.b2662641d5-3.35.1.x86_64.rpm | Linux |
| SUSE-SU-2021:0987-1(SUSE Linux Enterprise Server 12-SP5 ) ovmf-tools-2017+git1510945757.b2662641d5-3.35.1.x86_64.rpm | Linux |
| SUSE-SU-2021:0987-1(SUSE Linux Enterprise Server 12-SP5 ) qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-3.35.1.noarch.rpm | Linux |
| UEFI firmware for virtual machines (USN-4923-1) ovmf_2020.05-5ubuntu0.2_all.deb | Linux |
| UEFI firmware for virtual machines (USN-4923-1) ovmf_0~20191122.bd85bf54-2ubuntu3.2_all.deb | Linux |
| UEFI firmware for virtual machines (USN-4923-1) qemu-efi_2020.05-5ubuntu0.2_all.deb | Linux |
| UEFI firmware for virtual machines (USN-4923-1) qemu-efi_0~20191122.bd85bf54-2ubuntu3.2_all.deb | Linux |
| UEFI firmware for virtual machines (USN-4923-1) qemu-efi-arm_2020.05-5ubuntu0.2_all.deb | Linux |
| UEFI firmware for virtual machines (USN-4923-1) qemu-efi-arm_0~20191122.bd85bf54-2ubuntu3.2_all.deb | Linux |
| UEFI firmware for virtual machines (USN-4923-1) qemu-efi-aarch64_2020.05-5ubuntu0.2_all.deb | Linux |
| UEFI firmware for virtual machines (USN-4923-1) qemu-efi-aarch64_0~20191122.bd85bf54-2ubuntu3.2_all.deb | Linux |
| Edk2-ovmf update (ELSA-2021-2591) edk2-ovmf-20200602gitca407c7246bf-4.el8_4.1.noarch.rpm | Linux |
| (RHSA-2021:2591) edk2 security update edk2-ovmf-20200602gitca407c7246bf-4.el8_4.1.noarch.rpm | Linux |
| UEFI firmware for virtual machines (USN-7060-1) ovmf_0~20191122.bd85bf54-2ubuntu3.6_all.deb | Linux |
| UEFI firmware for virtual machines (USN-7060-1) ovmf_2022.02-3ubuntu0.22.04.3_all.deb | Linux |
| UEFI firmware for virtual machines (USN-7060-1) ovmf-ia32_2022.02-3ubuntu0.22.04.3_all.deb | Linux |
| UEFI firmware for virtual machines (USN-7060-1) qemu-efi-aarch64_0~20191122.bd85bf54-2ubuntu3.6_all.deb | Linux |
| UEFI firmware for virtual machines (USN-7060-1) qemu-efi-aarch64_2022.02-3ubuntu0.22.04.3_all.deb | Linux |
| UEFI firmware for virtual machines (USN-7060-1) qemu-efi-arm_0~20191122.bd85bf54-2ubuntu3.6_all.deb | Linux |
| UEFI firmware for virtual machines (USN-7060-1) qemu-efi-arm_2022.02-3ubuntu0.22.04.3_all.deb | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234