A vulnerability was found in edk2. A heap buffer overflow in ReadFile in UdfDxe/FileSystemOperations.c when the raw data or the Allocation Descriptors' data from a FE/EFE consume data beyond the size of a FE/EFE. Upstream Bug: https://bugzilla.tianocore.org/show_bug.cgi?id=828 Upstream Commit: https://github.com/tianocore/edk2/commit/5c0748f43f4e1cc15fdd0be64a764eacd7df92f6
Created edk2 tracking bugs for this issue: Affects: epel-all [bug 1683415] Affects: fedora-all [bug 1683414]
Closing this in favor of bug 1691640.