What is CVE-2021-38578?

CVE-2021-38578 is a vulnerability in edk2 that allows a local attacker with administration privileges to execute code within the system management mode (SMM) context.

What is the severity of CVE-2021-38578?

CVE-2021-38578 has a severity score of 9.8 (Critical).

How does CVE-2021-38578 occur?

CVE-2021-38578 occurs due to an integer underflow in the SmmEntryPoint function in edk2, leading to a write into the SMM region.

Who is affected by CVE-2021-38578?

CVE-2021-38578 affects systems running edk2 with the specified versions and installations of Tianocore Edk2 and Insyde Kernel.

How can I fix CVE-2021-38578?

To fix CVE-2021-38578, update the affected software to the specified versions provided by the vendor.

Vulnerability/
CVE-2021-38578

critical

CWE

124 787

13/5/2021

3/3/2022

2/8/2023

CVE-2021-38578

First published: Thu May 13 2021(Updated: )

Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize.

Credit: infosec@edk2.groups.io infosec@edk2.groups.io

Affected Software	Affected Version	How to fix
redhat/edk2	<0:20221207gitfff6d81270b5-9.el9_2	0:20221207gitfff6d81270b5-9.el9_2
Tianocore EDK2	<=202202
Insyde Kernel	=5.0
Insyde Kernel	=5.1
Insyde Kernel	=5.2
Insyde Kernel	=5.3
Insyde Kernel	=5.4
Insyde Kernel	=5.5

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

RHSA-2023:2165

Frequently Asked Questions

What is CVE-2021-38578?
CVE-2021-38578 is a vulnerability in edk2 that allows a local attacker with administration privileges to execute code within the system management mode (SMM) context.
What is the severity of CVE-2021-38578?
CVE-2021-38578 has a severity score of 9.8 (Critical).
How does CVE-2021-38578 occur?
CVE-2021-38578 occurs due to an integer underflow in the SmmEntryPoint function in edk2, leading to a write into the SMM region.
Who is affected by CVE-2021-38578?
CVE-2021-38578 affects systems running edk2 with the specified versions and installations of Tianocore Edk2 and Insyde Kernel.
How can I fix CVE-2021-38578?
To fix CVE-2021-38578, update the affected software to the specified versions provided by the vendor.

agent/author
agent/description
agent/event
agent/first-publish-date
agent/last-modified-date
agent/references
agent/severity
agent/softwarecombine
agent/tags
agent/type
agent/weakness
collector/nvd-api
collector/nvd-index
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2021-38578
collector/redhat-cve
vendor/tianocore
canonical/tianocore edk2
version/tianocore edk2/202202
vendor/insyde
canonical/insyde kernel
version/insyde kernel/5.0
version/insyde kernel/5.1
version/insyde kernel/5.2
version/insyde kernel/5.3
version/insyde kernel/5.4
version/insyde kernel/5.5
package-manager/redhat

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.