4. Overwrite from Performance Data Variable


The variable PerfDataMemAddr was used to hold the address of a buffer for performance data, and this variable could be arbitrarily modified by runtime software. This could cause firmware to corrupt its own code/data.


This is addressed by EDK2 SVN https://sourceforge.net/p/edk2/code/14386.


Reported by the Advanced Threat Research team at Intel Security.