Your submission was sent successfully! Close

You have successfully unsubscribed! Close

CVE-2021-38578

Published: 3 March 2022

Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize.

Notes

Author	Note
mdeslaur	as of 2023-01-03, upstream bug is private

Priority

CVSS 3 base score: 9.8

Status

Package	Release	Status
edk2 Launchpad, Ubuntu, Debian	bionic	Deferred (2023-01-03)
	focal	Deferred (2023-01-03)
	impish	Ignored (reached end-of-life)
	jammy	Deferred (2023-01-03)
	kinetic	Deferred (2023-01-03)
	trusty	Ignored (out of standard support)
	upstream	Needs triage
	xenial	Needs triage

References

Bugs

https://bugzilla.tianocore.org/show_bug.cgi?id=3387

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading