CVE-2021-38578

Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize.
Buffer Underflow
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.4 HIGH
LOCAL
HIGH
HIGH
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 19%
Affected Products (NVD)
VendorProductVersion
tianocoreedk2
𝑥
≤ 202202
insydekernel
5.0
insydekernel
5.1
insydekernel
5.2
insydekernel
5.3
insydekernel
5.4
insydekernel
5.5
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
edk2
bookworm
2022.11-6+deb12u1
fixed
bookworm (security)
2022.11-6+deb12u1
fixed
bullseye
no-dsa
bullseye (security)
vulnerable
buster
no-dsa
sid
2024.08-4
fixed
trixie
2024.08-4
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
edk2
bionic
needed
focal
needed
impish
ignored
jammy
needed
kinetic
ignored
lunar
not-affected
mantic
not-affected
noble
not-affected
trusty
ignored
xenial
needs-triage
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
ovmf-201911
suse enterprise server 15 SP2
150200.7.27.1
fixed
ovmf-202008
suse enterprise sap 15 SP3
150300.10.20.1
fixed
suse enterprise server 15 SP3
150300.10.20.1
fixed
ovmf-202202
suse enterprise sap 15 SP4
150400.5.10.1
fixed
suse enterprise server 15 SP4
150400.5.10.1
fixed
ovmf-202408
suse enterprise sap 15 SP7
150700.1.3
fixed
suse enterprise server 15 SP7
150700.1.3
fixed
ovmf-tools-201911
suse enterprise server 15 SP2
150200.7.27.1
fixed
ovmf-tools-202008
suse enterprise sap 15 SP3
150300.10.20.1
fixed
suse enterprise server 15 SP3
150300.10.20.1
fixed
ovmf-tools-202202
suse enterprise sap 15 SP4
150400.5.10.1
fixed
suse enterprise server 15 SP4
150400.5.10.1
fixed
ovmf-tools-202408
suse enterprise sap 15 SP7
150700.1.3
fixed
suse enterprise server 15 SP7
150700.1.3
fixed
qemu-ovmf-x86_64-201911
suse enterprise server 15 SP2
150200.7.27.1
fixed
qemu-ovmf-x86_64-202008
suse enterprise sap 15 SP3
150300.10.20.1
fixed
suse enterprise server 15 SP3
150300.10.20.1
fixed
qemu-ovmf-x86_64-202202
suse enterprise sap 15 SP4
150400.5.10.1
fixed
suse enterprise server 15 SP4
150400.5.10.1
fixed
qemu-ovmf-x86_64-202408
suse enterprise sap 15 SP7
150700.1.3
fixed
suse enterprise server 15 SP7
150700.1.3
fixed
qemu-uefi-aarch64-201911
suse enterprise server 15 SP2
150200.7.27.1
fixed
qemu-uefi-aarch64-202008
suse enterprise server 15 SP3
150300.10.20.1
fixed
qemu-uefi-aarch64-202202
suse enterprise sap 15 SP4
150400.5.10.1
fixed
suse enterprise server 15 SP4
150400.5.10.1
fixed
qemu-uefi-aarch64-202408
suse enterprise sap 15 SP7
150700.1.3
fixed
suse enterprise server 15 SP7
150700.1.3
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
edk2-aarch64
RHEL 9
0:20221207gitfff6d81270b5-9.el9_2
fixed
edk2-ovmf
RHEL 9
0:20221207gitfff6d81270b5-9.el9_2
fixed
edk2-tools
RHEL 9
0:20221207gitfff6d81270b5-9.el9_2
fixed
edk2-tools-doc
RHEL 9
0:20221207gitfff6d81270b5-9.el9_2
fixed
Common Weakness Enumeration
References
https://bugzilla.tianocore.org/show_bug.cgi?id=3387
https://www.insyde.com/security-pledge/SA-2023024
https://bugzilla.tianocore.org/show_bug.cgi?id=3387
https://lists.debian.org/debian-lts-announce/2025/06/msg00007.html
https://www.insyde.com/security-pledge/SA-2023024