A vulnerability was found in edk2. A heap buffer overflow in UdfDxe/FileSystemOperations.c when 'NumberOfPartitions' field of a Logical Volume Integrity Descriptor does not match the data within the relating Logical Volume Descriptor. Upstream Bug: https://bugzilla.tianocore.org/show_bug.cgi?id=828 Upstream Commit: https://github.com/tianocore/edk2/commit/3b30351b75d70ea65701ac999875fbb81a89a5ca
Created edk2 tracking bugs for this issue: Affects: epel-all [bug 1683430] Affects: fedora-all [bug 1683429]
Closing this in favor of bug 1691640.