HIGH🇬🇧 English

CVE-2021-28216

CVSS 7.8v3.1pub. 2021-08-05upd. 2025-11-03

BootPerformanceTable pointer is read from an NVRAM variable in PEI. Recommend setting PcdFirmwarePerformanceDataTableS3Support to FALSE.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Tianocore Edk Ii

    APP
    Tianocore
    wszystkie wersje
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2018-12178CRITICAL9.1ten sam produkt

Buffer overflow in network stack for EDK II may allow unprivileged user to potentially enable escalation of pr...

CVE-2019-0160CRITICAL9.8ten sam produkt

Buffer overflow in system firmware for EDK II may allow unauthenticated user to potentially enable escalation ...

CVE-2018-3613HIGH7.8ten sam produkt

Logic issue in variable service module for EDK II/UDK2018/UDK2017/UDK2015 may allow an authenticated user to p...

CVE-2018-12179HIGH7.8ten sam produkt

Improper configuration in system firmware for EDK II may allow unauthenticated user to potentially enable esca...

CVE-2018-12180HIGH8.8ten sam produkt

Buffer overflow in BlockIo service for EDK II may allow an unauthenticated user to potentially enable escalati...

CVE-2021-28216 — HIGH 7.8 | CVEbaza.pl