CVE-2021-38578
First published: Thu May 13 2021(Updated: )
A flaw was found in edk2. A integer underflow in the SmmEntryPoint function leads to a write into the SMM region allowing a local attacker with administration privileges on the system to execute code within the SMM privileged context. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Credit: infosec@edk2.groups.io infosec@edk2.groups.io infosec@edk2.groups.io
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/edk2 | <0:20221207gitfff6d81270b5-9.el9_2 | 0:20221207gitfff6d81270b5-9.el9_2 |
| Tianocore EDK2 | <=202202 | |
| Insyde Kernel | =5.0 | |
| Insyde Kernel | =5.1 | |
| Insyde Kernel | =5.2 | |
| Insyde Kernel | =5.3 | |
| Insyde Kernel | =5.4 | |
| Insyde Kernel | =5.5 | |
| debian/edk2 | <=2020.11-2+deb11u2 | 2022.11-6+deb12u1 2024.11-2 2024.11-4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.cve.org/CVERecord?id=CVE-2021-38578 https://nvd.nist.gov/vuln/detail/CVE-2021-38578
- https://bugzilla.redhat.com/show_bug.cgi?id=1960321
- https://access.redhat.com/errata/RHSA-2023:2165
- https://access.redhat.com/security/cve/cve-2021-38578
- https://bugzilla.tianocore.org/show_bug.cgi?id=3387
- https://www.insyde.com/security-pledge/SA-2023024
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2096378
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2096379
- https://edk2.groups.io/g/devel/message/90516
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38578
- https://nvd.nist.gov/vuln/detail/CVE-2021-38578
- https://launchpad.net/bugs/cve/CVE-2021-38578
- https://security-tracker.debian.org/tracker/CVE-2021-38578
- https://ubuntu.com/security/CVE-2021-38578
- https://github.com/tianocore/edk2/commit/cab1f02565d3b29081dd21afb074f35fdb4e1fd6
Frequently Asked Questions
What is CVE-2021-38578?
CVE-2021-38578 is a vulnerability in edk2 that allows a local attacker with administration privileges to execute code within the system management mode (SMM) context.
What is the severity of CVE-2021-38578?
CVE-2021-38578 has a severity score of 9.8 (Critical).
How does CVE-2021-38578 occur?
CVE-2021-38578 occurs due to an integer underflow in the SmmEntryPoint function in edk2, leading to a write into the SMM region.
Who is affected by CVE-2021-38578?
CVE-2021-38578 affects systems running edk2 with the specified versions and installations of Tianocore Edk2 and Insyde Kernel.
How can I fix CVE-2021-38578?
To fix CVE-2021-38578, update the affected software to the specified versions provided by the vendor.
- collector/redhat-cve
- collector/nvd-index
- agent/weakness
- agent/type
- agent/first-publish-date
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2021-38578
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- collector/launchpad-cve
- source/Launchpad
- agent/references
- collector/usn-cve
- source/Ubuntu
- agent/description
- agent/event
- collector/nvd-cve
- agent/last-modified-date
- agent/trending
- agent/tags
- collector/security-tracker-debian
- source/Debian
- agent/softwarecombine
- agent/source
- package-manager/redhat
- vendor/tianocore
- canonical/tianocore edk2
- version/tianocore edk2/202202
- vendor/insyde
- canonical/insyde kernel
- version/insyde kernel/5.0
- version/insyde kernel/5.1
- version/insyde kernel/5.2
- version/insyde kernel/5.3
- version/insyde kernel/5.4
- version/insyde kernel/5.5
- package-manager/debian