2 matches found
EDK2: heap buffer overflow in Tcg2MeasurePeImage()
A heap-based buffer overflow flaw was found via the Tcg2MeasurePeImage function in EDK2. Successful exploitation requires a local attacker to trigger an integer overflow in the calculation of the EventSize variable at DxeTpm2MeasureBootLib.c, leading to the heap-buffer overflow, presenting a...
Medium: edk2
Issue Overview: EDK2 is susceptible to a vulnerability in the Tcg2MeasureGptTable function, allowing a user to trigger a heap buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of confidentiality, integrity, and/or availability...