CVE-2021-2821011.06.2021, 16:15An unlimited recursion in DxeCore in EDK II.EnginsightProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVectorNISTPrimary7.8 HIGHLOCALLOWLOWCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HBase ScoreCVSS 3.xEPSS ScorePercentile: UnknownAffected Products (NVD)VendorProductVersiontianocoreedk2𝑥< 202008𝑥= Vulnerable software versionsDebian ReleasesDebian ProductCodenameedk2bookworm2022.11-6+deb12u1fixedbookworm (security)2022.11-6+deb12u1fixedbullseye2020.11-2+deb11u2fixedbullseye (security)2020.11-2+deb11u2fixedbusterno-dsasid2024.08-4fixedtrixie2024.08-4fixedUbuntu ReleasesUbuntu ProductCodenameedk2bionicneeds-triagefocalFixed 0~20191122.bd85bf54-2ubuntu3.2releasedgroovyFixed 2020.05-5ubuntu0.2releasedhirsutenot-affectedimpishnot-affectedjammynot-affectedkineticnot-affectedlunarnot-affectedmanticnot-affectednoblenot-affectedtrustydnexenialneeds-triageKnown Exploits!https://bugzilla.tianocore.org/show_bug.cgi?id=1743https://bugzilla.tianocore.org/show_bug.cgi?id=1743Common Weakness EnumerationCWE-674 - Uncontrolled RecursionThe product does not properly control the amount of recursion which takes place, consuming excessive resources, such as allocated memory or the program stack.Referenceshttps://bugzilla.tianocore.org/show_bug.cgi?id=1743https://bugzilla.tianocore.org/show_bug.cgi?id=1743
