2 matches found
edk2: Privilege escalation via processing of malformed files in BaseUefiDecompressLib.c
REJECTED CVE A vulnerability exists in EDK-2 within BaseUefiDecompressLib.c MdePkg/Library/BaseUefiDecompressLib. An authenticated attacker could exploit this vulnerability by supplying a crafted file, potentially leading to privilege escalation...
edk2: Privilege escalation via stack-based buffer overflow in MakeTable() function
REJECTED CVE A stack-based buffer overflow vulnerability was identified in EDK-2 within the MakeTable function of BaseUefiDecompressLib.c, TianoCompress.c, and the UEFI specification. An authenticated attacker could exploit this vulnerability by supplying a crafted file, potentially leading to...