CVE-2021-28211
edk2: possible heap corruption with LzmaUefiDecompressGetInfo
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
A heap overflow in LzmaUefiDecompressGetInfo function in EDK II.
Un desbordamiento de la pila en la funciĆ³n zmaUefiDecompressGetInfo en EDK II
A flaw was found in edk2. A possible heap corruption in LzmaUefiDecompressGetInfo function may allow an attacker to execute code on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
It was discovered that EDK II did not check the buffer length in XHCI, which could lead to a stack overflow. A local attacker could potentially use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Laszlo Ersek discovered that EDK II incorrectly handled recursion. A remote attacker could possibly use this issue to cause EDK II to consume resources, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2021-03-12 CVE Reserved
- 2021-04-21 CVE Published
- 2024-08-03 CVE Updated
- 2024-08-03 First Exploit
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
- CWE-122: Heap-based Buffer Overflow
- CWE-787: Out-of-bounds Write
CAPEC
References (3)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|---|---|
| https://bugzilla.tianocore.org/show_bug.cgi?id=1816 | 2024-08-03 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://access.redhat.com/security/cve/CVE-2021-28211 | 2021-06-29 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1883529 | 2021-06-29 |