12. Integer/Buffer Overflow in TpmDxe Driver

Description:
The MeasureVariable function calculated the sum of many fields. This could lead to an integer overflow that resulted in a small allocation of memory and a large copy.
Recommendation:
This is addressed by EDK2 SVN https://sourceforge.net/p/edk2/code/14396.
Acknowledgments:
Reported by the Advanced Threat Research Team at Intel Security.

11. Overwrite from FirmwarePerformance Variable

13. Protection of PhysicalPresence Variable

Last modified 2yr ago