You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It doesn't appear that the TCG EFI Protocol Specification defines a maximum size for an event. So it seems our options are either choosing an arbitrary maximum or reporting this to the TCG as undefined behavior.
The text was updated successfully, but these errors were encountered:
In this code path an attacker can control the number of allocated bytes. This can lead to a DoS attack by OOMing the process.
Example:
Produces:
0xbdbfef47
being 3.183 GB.It doesn't appear that the TCG EFI Protocol Specification defines a maximum size for an event. So it seems our options are either choosing an arbitrary maximum or reporting this to the TCG as undefined behavior.
The text was updated successfully, but these errors were encountered: