Описание
[REJECTED CVE] A stack-based buffer overflow vulnerability was identified in EDK-2 within the MakeTable() function of BaseUefiDecompressLib.c, TianoCompress.c, and the UEFI specification. An authenticated attacker could exploit this vulnerability by supplying a crafted file, potentially leading to privilege escalation.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 8 | edk2 | Not affected | ||
| Red Hat Enterprise Linux 7 | ovmf | Fixed | RHSA-2019:2125 | 06.08.2019 |
Показывать по
10
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-287
https://bugzilla.redhat.com/show_bug.cgi?id=1641458edk2: Privilege escalation via stack-based buffer overflow in MakeTable() function
6.7 Medium
CVSS3
Связанные уязвимости
ubuntu
больше 5 лет назад
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
nvd
больше 5 лет назад
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none
6.7 Medium
CVSS3