CVE-2019-14575

Опубликовано: 23 нояб. 2020

Источник: debian

EPSS Низкий

Описание

Logic issue in DxeImageVerificationHandler() for EDK II may allow an authenticated user to potentially enable escalation of privilege via local access.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
edk2	fixed	0~20200229.4c0f6e34-1		package
edk2	fixed	0~20181115.85588389-3+deb10u1	buster	package
edk2	end-of-life		jessie	package

Примечания

https://bugzilla.tianocore.org/show_bug.cgi?id=1608

EPSS

Процентиль: 19%

0.00061

Низкий

Связанные уязвимости

CVE-2019-14575

CVSS3: 7.8

ubuntu

около 5 лет назад

Logic issue in DxeImageVerificationHandler() for EDK II may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2019-14575

CVSS3: 7.5

redhat

около 6 лет назад

Logic issue in DxeImageVerificationHandler() for EDK II may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2019-14575

CVSS3: 7.8

nvd

около 5 лет назад

Logic issue in DxeImageVerificationHandler() for EDK II may allow an authenticated user to potentially enable escalation of privilege via local access.

GHSA-jg74-g2r7-p8mf

github

больше 3 лет назад

Logic issue in DxeImageVerificationHandler() for EDK II may allow an authenticated user to potentially enable escalation of privilege via local access.

openSUSE-SU-2020:0314-1

suse-cvrf

почти 6 лет назад

Security update for ovmf

EPSS

Процентиль: 19%

0.00061

Низкий