A vulnerability was found in edk2. A stack buffer overflow in FindAnchorVolumeDescriptorPointer in PartitionDxe/Udf.c when the device block size is not greater than the size of an Anchor Volume Descriptor Pointer. Upstream Bug: https://bugzilla.tianocore.org/show_bug.cgi?id=828 Upstream Commit: https://github.com/tianocore/edk2/commit/4df8f5bfa28b8b881e506437e8f08d92c1a00370
Created edk2 tracking bugs for this issue: Affects: epel-all [bug 1683412] Affects: fedora-all [bug 1683411]
Closing this in favor of bug 1691640.