{
  "threat_severity" : "Moderate",
  "public_date" : "2022-03-03T00:00:00Z",
  "bugzilla" : {
    "description" : "edk2: integer underflow in SmmEntryPoint function leads to potential SMM privilege escalation",
    "id" : "1960321",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1960321"
  },
  "cvss3" : {
    "cvss3_base_score" : "7.4",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:L",
    "status" : "verified"
  },
  "cwe" : "(CWE-124|CWE-787)",
  "details" : [ "Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize.", "A flaw was found in edk2. A integer underflow in the SmmEntryPoint function leads to a write into the SMM region allowing a local attacker with administration privileges on the system to execute code within the SMM privileged context. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability." ],
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2023-05-09T00:00:00Z",
    "advisory" : "RHSA-2023:2165",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9",
    "package" : "edk2-0:20221207gitfff6d81270b5-9.el9_2"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Out of support scope",
    "package_name" : "ovmf",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Affected",
    "package_name" : "edk2",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2021-38578\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-38578" ],
  "name" : "CVE-2021-38578",
  "csaw" : false
}