NetworkPkg/IScsiDxe has remotely exploitable buffer overflows.
The product writes to a buffer using an index or pointer that references a memory location prior to the beginning of the buffer.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Edk2 | Tianocore | * | 202105 (including) |
Edk2 | Ubuntu | bionic | * |
Edk2 | Ubuntu | esm-apps/bionic | * |
Edk2 | Ubuntu | esm-apps/xenial | * |
Edk2 | Ubuntu | focal | * |
Edk2 | Ubuntu | hirsute | * |
Edk2 | Ubuntu | trusty | * |
Edk2 | Ubuntu | upstream | * |
Edk2 | Ubuntu | xenial | * |
Red Hat Enterprise Linux 8 | RedHat | edk2-0:20200602gitca407c7246bf-4.el8_4.2 | * |
Red Hat Enterprise Linux 8.1 Extended Update Support | RedHat | edk2-0:20190308git89910a39dcfd-6.el8_1.1 | * |
Red Hat Enterprise Linux 8.2 Extended Update Support | RedHat | edk2-0:20190829git37eef91017ad-9.el8_2.1 | * |
Red Hat Virtualization 4 for Red Hat Enterprise Linux 8 | RedHat | redhat-virtualization-host-0:4.4.7-20210804.0.el8_4 | * |