What is the vulnerability ID for this vulnerability?

The vulnerability ID for this vulnerability is CVE-2021-38575.

What is the severity rating of CVE-2021-38575?

CVE-2021-38575 has a severity rating of 8.1 (high).

What software is affected by CVE-2021-38575?

The affected software includes Tianocore EDK2 versions up to and including May 2021, and Insyde Kernel versions 5.0, 5.1, 5.2, 5.3, 5.4, and 5.5.

Are there any fixes or patches available for CVE-2021-38575?

Yes, there are fixes and patches available. Please refer to the references for more information.

What are the common weaknesses associated with CVE-2021-38575?

The common weaknesses associated with CVE-2021-38575 are CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer), CWE-124 (Buffer Underwrite), CWE-252 (Unchecked Return Value), and CWE-680 (Integer Overflow to Buffer Overflow).

Vulnerability/
CVE-2021-38575

high

8.1

CWE

119 124 252 680

3/5/2021

1/12/2021

21/11/2024

CVE-2021-38575: Buffer Overflow

First published: Mon May 03 2021(Updated: )

Function IscsiMisc.c:IScsiHexToBin() in NetworkPkg/IScsiDxe does not correctly check the sizes of the input and output buffers, allowing an attacker who can control the input buffer to cause a buffer overflow in the destination buffer. Function IScsiHexToBin is used to decode strings passed as part of iSCSI Challenge-Handshake Authentication Protocol(CHAP), before authentication takes place. Thus an attacker, who can either inject himself in the communication between edk2 and the iSCSI target or control the iSCSI target used by edk2, can trigger this flaw and potentially execute code in the edk2 firmware. Upstream bug: <a href="https://bugzilla.tianocore.org/show_bug.cgi?id=3356">https://bugzilla.tianocore.org/show_bug.cgi?id=3356</a>

Credit: infosec@edk2.groups.io infosec@edk2.groups.io infosec@edk2.groups.io

Affected Software	Affected Version	How to fix
Tianocore EDK2	<=202105
Insyde Kernel	=5.0
Insyde Kernel	=5.1
Insyde Kernel	=5.2
Insyde Kernel	=5.3
Insyde Kernel	=5.4
Insyde Kernel	=5.5
debian/edk2	<=2020.11-2+deb11u2	2022.11-6+deb12u1 2024.11-5

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2021-38575.
What is the severity rating of CVE-2021-38575?
CVE-2021-38575 has a severity rating of 8.1 (high).
What software is affected by CVE-2021-38575?
The affected software includes Tianocore EDK2 versions up to and including May 2021, and Insyde Kernel versions 5.0, 5.1, 5.2, 5.3, 5.4, and 5.5.
Are there any fixes or patches available for CVE-2021-38575?
Yes, there are fixes and patches available. Please refer to the references for more information.
What are the common weaknesses associated with CVE-2021-38575?
The common weaknesses associated with CVE-2021-38575 are CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer), CWE-124 (Buffer Underwrite), CWE-252 (Unchecked Return Value), and CWE-680 (Integer Overflow to Buffer Overflow).

collector/nvd-api
agent/first-publish-date
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2021-38575
agent/type
collector/nvd-index
agent/software-canonical-lookup
agent/severity
agent/weakness
collector/mitre-cve
source/MITRE
agent/references
collector/launchpad-cve
source/Launchpad
agent/author
collector/usn-cve
source/Ubuntu
agent/event
agent/description
collector/nvd-cve
source/NVD
agent/last-modified-date
agent/trending
agent/tags
collector/security-tracker-debian
source/Debian
agent/softwarecombine
agent/source
vendor/tianocore
canonical/tianocore edk2
version/tianocore edk2/202105
vendor/insyde
canonical/insyde kernel
version/insyde kernel/5.0
version/insyde kernel/5.1
version/insyde kernel/5.2
version/insyde kernel/5.3
version/insyde kernel/5.4
version/insyde kernel/5.5
package-manager/debian