Vulnerability Details CVE-2021-38578
Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 16.9%
CVSS Severity
CVSS v3 Score 7.4
CVSS v2 Score 7.5
References
Products affected by CVE-2021-38578
-
cpe:2.3:a:tianocore:edk2:-
-
cpe:2.3:a:tianocore:edk2:2017-11-07
-
cpe:2.3:a:tianocore:edk2:201808
-
cpe:2.3:a:tianocore:edk2:201811
-
cpe:2.3:a:tianocore:edk2:201903
-
cpe:2.3:a:tianocore:edk2:201905
-
cpe:2.3:a:tianocore:edk2:201908
-
cpe:2.3:a:tianocore:edk2:201911
-
cpe:2.3:a:tianocore:edk2:2020-10-21
-
cpe:2.3:a:tianocore:edk2:202002
-
cpe:2.3:a:tianocore:edk2:202005
-
cpe:2.3:a:tianocore:edk2:202008
-
cpe:2.3:a:tianocore:edk2:202011
-
cpe:2.3:a:tianocore:edk2:202102
-
cpe:2.3:a:tianocore:edk2:202105
-
cpe:2.3:a:tianocore:edk2:202108
-
cpe:2.3:a:tianocore:edk2:202111
-
cpe:2.3:a:tianocore:edk2:202202
-
cpe:2.3:o:insyde:kernel:5.0
-
cpe:2.3:o:insyde:kernel:5.1
-
cpe:2.3:o:insyde:kernel:5.2
-
cpe:2.3:o:insyde:kernel:5.3
-
cpe:2.3:o:insyde:kernel:5.4
-
cpe:2.3:o:insyde:kernel:5.5