Multiple integer overflows in the Pre-EFI Initialization (PEI) boot phase in the Capsule Update feature in the UEFI implementation in EDK2 allow physically proximate malicious users to bypass intended access restrictions by providing crafted data that is not properly handled during the coalescing phase.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
tianocore edk2 - |