Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

CVE-2021-28211 - log back

CVE-2021-28211 edited at 16 Mar 2021 11:00:03

Severity

-	Unknown
+	Medium

Remote

-	Unknown
+	Local

Type

-	Unknown
+	Arbitrary code execution

Description

+	A security issue was found in EDK II before version 202011. A possible heap corruption in LzmaUefiDecompressGetInfo could lead to arbitrary code execution.

References

+	https://bugzilla.tianocore.org/show_bug.cgi?id=1816
+	https://github.com/tianocore/edk2/pull/1138
+	https://github.com/tianocore/edk2/commit/e7bd0dd26db7e56aa8ca70132d6ea916ee6f3db0

Notes

CVE-2021-28211 created at 16 Mar 2021 10:54:04