CVE-2021-28211

CVSS v2.0

6.8

Medium

Vector

AV:L/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions EDK II (affected versions not specified)

Description A heap overflow issue exists in the LzmaUefiDecompressGetInfo function. This issue can be exploited to gain access to confidential data, compromise data integrity, and cause a denial of service.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Heap Based Buffer Overflow

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-122CWE-787

Related Identifiers

BDU:2022-06901

CESA-2021_2591

CVE-2021-28211

DLA-2645-1

OESA-2021-1338

OPENSUSE-SU-2021:0495-1

OPENSUSE-SU-2021_0495-1

OPENSUSE-SU-2024:11134-1

RHSA-2021:2591

RHSA-2021_2591

RLSA-2021:2591

SUSE-SU-2021:0972-1

SUSE-SU-2021:0987-1

SUSE-SU-2021:2117-1

SUSE-SU-2021:2161-1

USN-4923-1

USN-7060-1

Affected Products

Astra Linux

Centos

Edk Ii

Linuxmint

Red Hat

Rocky Linux

Suse

Ubuntu

CVE-2021-28211

Weakness Enumeration

Related Identifiers

Affected Products

References · 118