PT-2024-1802 · Edk2+11 · Edk2+11

Doug Flick

Published

2024-01-09

Updated

2025-06-05

CVE-2022-36763

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions EDK2 (affected versions not specified)

Description The issue is related to a heap buffer overflow vulnerability in the Tcg2MeasureGptTable() function. This vulnerability can be triggered via a local network, potentially compromising confidentiality, integrity, and/or availability.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Buffer Overflow

Heap Based Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-122

Related Identifiers

ALSA-2024:2264

ALSA-2024:3017

ALT-PU-2024-14732

ALT-PU-2024-14734

ALT-PU-2024-14950

AZL-38308

AZL-39247

AZL-39559

BDU:2024-01538

CESA-2024_3017

CVE-2022-36763

DLA-4207-1

DSA-5624-1

GHSA-XVV8-66CQ-PRWR

INFSA-2024_2264

INFSA-2024_3017

OESA-2024-2022

OESA-2024-2023

OESA-2024-2024

OPENSUSE-SU-2024:13949-1

RHSA-2024:2264

RHSA-2024:3017

RHSA-2024_2264

RHSA-2024_3017

RLSA-2024:2264

USN-6638-1

Affected Products

Alt Linux

Almalinux

Astra Linux

Centos

Debian

Edk2

Linuxmint

Red Hat

Red Os

Rocky Linux

Ubuntu

Zvirt Node

PT-2024-1802 · Edk2+11 · Edk2+11

CVE-2022-36763

Weakness Enumeration

Related Identifiers

Affected Products

References · 92