2 matches found
edk2: Function GetEfiGlobalVariable2() return value not checked in DxeImageVerificationHandler()
REJECTED CVE A secure boot bypass vulnerability was found in EDK2 due to the lack of proper return value checks in the GetEfiGlobalVariable2 function. The API may fail if functions like AllocatePool or gRT-GetVariable fail. Without verifying the return value, an attacker could cause the API to...
edk2: Function GetEfiGlobalVariable2() return value not checked in DxeImageVerificationHandler()
REJECTED CVE A secure boot bypass vulnerability was found in EDK2 due to the lack of proper return value checks in the GetEfiGlobalVariable2 function. The API may fail if functions like AllocatePool or gRT-GetVariable fail. Without verifying the return value, an attacker could cause the API to...