Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-38797

EDK2 contains a vulnerability in the HashPeImageByType(). A user may cause a read out of bounds when a corrupted data pointer and length are sent via an adjecent network. A successful exploit of this vulnerability may lead to a loss of Integrity and/or Availability.

Published

2025-04-07T18:15:45.337

Last Modified

2025-04-08T18:14:17.307

Status

Awaiting Analysis

Source

[email protected]

Severity

CVSSv3.1: 4.6 (MEDIUM)

Weaknesses

Type: Secondary
CWE-125

Affected Vendors & Products

References

https://github.com/tianocore/edk2/security/advisories/GHSA-4wjw-6xmf-44xf ([email protected])