Stack overflow in corrupted bmp for EDK II may allow unprivileged user to potentially enable denial of service or elevation of privilege via local access.
Denial of Service or Elevation of Privilege
7.4 high CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:C/C:N/I:H/A:H
EDK II Commits:
EDK II Bugzilla #1135