{"id":"CVE-2024-38796","details":"EDK2 contains a vulnerability in the PeCoffLoaderRelocateImage(). An Attacker may cause memory corruption due to an overflow via an adjacent network. A successful exploit of this vulnerability may lead to a loss of Confidentiality, Integrity, and/or Availability.","aliases":["GHSA-xpcr-7hjq-m6qm"],"modified":"2026-03-13T11:35:41.327139Z","published":"2024-09-27T22:15:13.153Z","related":["ALSA-2024:11185","ALSA-2024:11219"],"references":[{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/06/msg00007.html"},{"type":"ADVISORY","url":"https://github.com/tianocore/edk2/security/advisories/GHSA-xpcr-7hjq-m6qm"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20241206-0006/"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-38796.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:L"}]}