{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2021-38575", "assignerOrgId": "65518388-201a-4f93-8712-366d21fe8d2c", "assignerShortName": "TianoCore", "dateUpdated": "2024-08-04T01:44:23.483Z", "dateReserved": "2021-08-11T00:00:00", "datePublished": "2021-12-01T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "65518388-201a-4f93-8712-366d21fe8d2c", "shortName": "TianoCore", "dateUpdated": "2023-07-23T00:00:00"}, "descriptions": [{"lang": "en", "value": "NetworkPkg/IScsiDxe has remotely exploitable buffer overflows."}], "affected": [{"vendor": "TianoCore", "product": "EDK II", "versions": [{"version": "unspecified", "lessThanOrEqual": "edk2-stable202105", "status": "affected", "versionType": "custom"}]}], "references": [{"url": "https://bugzilla.tianocore.org/show_bug.cgi?id=3356"}, {"url": "https://www.insyde.com/security-pledge/SA-2023025"}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "A case of CWE-124, CWE-680, and CWE-252 is occurring in NetworkPkg/IScsiDxe.", "cweId": "CWE-124"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T01:44:23.483Z"}, "title": "CVE Program Container", "references": [{"url": "https://bugzilla.tianocore.org/show_bug.cgi?id=3356", "tags": ["x_transferred"]}, {"url": "https://www.insyde.com/security-pledge/SA-2023025", "tags": ["x_transferred"]}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:tianocore:edk2:*:*:*:*:*:*:*:*", "matchCriteriaId": "D81E5FE6-D7EC-49DA-BB6A-E58F9D7D3FBB", "versionEndIncluding": "202105", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:insyde:kernel:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "FFCC4619-B867-4E23-AF05-FF92B43628AF", "vulnerable": true}, {"criteria": "cpe:2.3:o:insyde:kernel:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "FB40061A-BEDF-4D72-BF2D-D1B10EB80A60", "vulnerable": true}, {"criteria": "cpe:2.3:o:insyde:kernel:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "9D6AFE61-A2A4-49DF-A8EE-B2F425DA7A08", "vulnerable": true}, {"criteria": "cpe:2.3:o:insyde:kernel:5.3:*:*:*:*:*:*:*", "matchCriteriaId": "D21132C0-F2CF-4134-A165-926155031913", "vulnerable": true}, {"criteria": "cpe:2.3:o:insyde:kernel:5.4:*:*:*:*:*:*:*", "matchCriteriaId": "6549F7F1-A438-4C84-9D66-C89C697E2A9B", "vulnerable": true}, {"criteria": "cpe:2.3:o:insyde:kernel:5.5:*:*:*:*:*:*:*", "matchCriteriaId": "DE339FA1-8572-4365-B420-530D62686C08", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "NetworkPkg/IScsiDxe has remotely exploitable buffer overflows."}, {"lang": "es", "value": "NetworkPkg/IScsiDxe presenta unos desbordamientos de b\u00fafer explotables de forma remota"}], "id": "CVE-2021-38575", "lastModified": "2024-11-21T06:17:32.553", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-12-01T18:15:07.760", "references": [{"source": "infosec@edk2.groups.io", "tags": ["Exploit", "Issue Tracking", "Vendor Advisory"], "url": "https://bugzilla.tianocore.org/show_bug.cgi?id=3356"}, {"source": "infosec@edk2.groups.io", "tags": ["Third Party Advisory"], "url": "https://www.insyde.com/security-pledge/SA-2023025"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Issue Tracking", "Vendor Advisory"], "url": "https://bugzilla.tianocore.org/show_bug.cgi?id=3356"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.insyde.com/security-pledge/SA-2023025"}], "sourceIdentifier": "infosec@edk2.groups.io", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-124"}], "source": "infosec@edk2.groups.io", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "This issue was discovered by Laszlo Ersek (Red Hat).", "affected_release": [{"advisory": "RHSA-2021:3066", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "edk2-0:20200602gitca407c7246bf-4.el8_4.2", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-08-10T00:00:00Z"}, {"advisory": "RHSA-2021:3172", "cpe": "cpe:/a:redhat:rhel_eus:8.1", "package": "edk2-0:20190308git89910a39dcfd-6.el8_1.1", "product_name": "Red Hat Enterprise Linux 8.1 Extended Update Support", "release_date": "2021-08-17T00:00:00Z"}, {"advisory": "RHSA-2021:3369", "cpe": "cpe:/a:redhat:rhel_eus:8.2", "package": "edk2-0:20190829git37eef91017ad-9.el8_2.1", "product_name": "Red Hat Enterprise Linux 8.2 Extended Update Support", "release_date": "2021-08-31T00:00:00Z"}, {"advisory": "RHSA-2021:3235", "cpe": "cpe:/o:redhat:rhev_hypervisor:4.4::el8", "package": "redhat-virtualization-host-0:4.4.7-20210804.0.el8_4", "product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8", "release_date": "2021-08-19T00:00:00Z"}], "bugzilla": {"description": "edk2: remote buffer overflow in IScsiHexToBin function in NetworkPkg/IScsiDxe", "id": "1956284", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956284"}, "csaw": false, "cvss3": {"cvss3_base_score": "8.1", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-119", "details": ["NetworkPkg/IScsiDxe has remotely exploitable buffer overflows.", "A flaw was found in edk2. Missing checks in the IScsiHexToBin function in NetworkPkg/IScsiDxe lead to a buffer overflow allowing a remote attacker, who can inject himself in the communication between edk2 and the iSCSI target, to write arbitrary data to any address in the edk2 firmware and potentially execute code. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability."], "name": "CVE-2021-38575", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Affected", "package_name": "ovmf", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "edk2", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2021-06-08T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-38575\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-38575"], "threat_severity": "Important"}