CVE-2021-28211 log
Source |
|
Severity | Medium |
Remote | No |
Type | Arbitrary code execution |
Description | A security issue was found in EDK II before version 202011. A possible heap corruption in LzmaUefiDecompressGetInfo could lead to arbitrary code execution. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-1697 | edk2-shell | 202008-1 | 202011-1 | Medium | Fixed |
References |
---|
https://bugzilla.tianocore.org/show_bug.cgi?id=1816 https://github.com/tianocore/edk2/pull/1138 https://github.com/tianocore/edk2/commit/e7bd0dd26db7e56aa8ca70132d6ea916ee6f3db0 |