EDK2: heap buffer overflow in Tcg2MeasurePeImage()
A heap-based buffer overflow flaw was found via the Tcg2MeasurePeImage function in EDK2. Successful exploitation requires a local attacker to trigger an integer overflow in the calculation of the EventSize variable at DxeTpm2MeasureBootLib.c, leading to the heap-buffer overflow, presenting a...