CVE-2018-12181

Опубликовано: 07 мар. 2019

Источник: redhat

CVSS3: 5.3

Описание

Stack overflow in corrupted bmp for EDK II may allow unprivileged user to potentially enable denial of service or elevation of privilege via local access.

A stack-based buffer overflow was discovered in edk2 when the HII database contains a Bitmap that claims to be 4-bit or 8-bit per pixel, but the palette contains more than 16(2^4) or 256(2^8) colors.

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-121

https://bugzilla.redhat.com/show_bug.cgi?id=1686783edk2: Stack buffer overflow with corrupted BMP

5.3 Medium

CVSS3

Связанные уязвимости

CVE-2018-12181

CVSS3: 6

ubuntu

около 6 лет назад

Stack overflow in corrupted bmp for EDK II may allow unprivileged user to potentially enable denial of service or elevation of privilege via local access.

CVE-2018-12181

CVSS3: 6

nvd

около 6 лет назад

Stack overflow in corrupted bmp for EDK II may allow unprivileged user to potentially enable denial of service or elevation of privilege via local access.

CVE-2018-12181

CVSS3: 6

debian

около 6 лет назад

Stack overflow in corrupted bmp for EDK II may allow unprivileged user ...

openSUSE-SU-2019:1139-1

suse-cvrf

около 6 лет назад

Security update for ovmf

SUSE-SU-2019:0738-1

suse-cvrf

около 6 лет назад

Security update for ovmf

5.3 Medium

CVSS3