#VU54481 Heap-based buffer overflow in edk2 - CVE-2021-28211

Cybersecurity Help s.r.o.

Published: 2021-06-30

Vulnerability identifier: #VU54481

Vulnerability risk: Low

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-28211

CWE-ID: CWE-122

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
edk2
Hardware solutions / Firmware

Vendor: TianoCore

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the LzmaUefiDecompressGetInfo() function. A local user can run a specially crafted program to trigger a heap-based buffer overflow and execute arbitrary code with elevated privileges.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

edk2: edk2-stable201808 - UDK2018

External links
https://bugzilla.tianocore.org/show_bug.cgi?id=1816

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Dell Integrated System for Microsoft Azure Stack Hub

Multiple vulnerabilities in Dell Avamar Data Store Gen5A

Multiple vulnerabilities in Dell VxRail

openEuler update for edk2

Multiple vulnerabilities in OpenShift Virtualization 2.6

Multiple vulnerabilities in OpenShift Virtualization 4.8

Anolis OS update for edk2

Red Hat Enterprise Linux 8 update for edk2

Privilege escalation in Tianocore EDK II

SUSE update for ovmf