CVE-2022-36765 Information

Description

EDK2 is susceptible to a vulnerability in the CreateHob() function allowing a user to trigger a integer overflow to buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of confidentiality integrity and/or availability.

Reference

https://github.com/tianocore/edk2/security/advisories/GHSA-ch4w-v7m3-g8wx