AVG-2382 log

Package edk2-shell
Status Fixed
Severity Medium
Type arbitrary code execution
Affected 202105-1
Fixed 202108-1
Current 202111-4 [testing]
202108-1 [extra]
Ticket None
Created Tue Sep 14 09:04:54 2021
Issue Severity Remote Type Description
CVE-2021-38575 Medium Yes Arbitrary code execution
In EDK II before version 202108, a remotely exploitable buffer overflow has been found in the IScsiHexToBin() function.