CVE-2018-12183

Опубликовано: 29 мар. 2019

Источник: redhat

CVSS3: 6.8

EPSS Низкий

Описание

Stack overflow in DxeCore for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 7	ovmf	Not affected
Red Hat Enterprise Linux 8	edk2	Not affected
Red Hat Virtualization 4	redhat-virtualization-host	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-121->CWE-284

https://bugzilla.redhat.com/show_bug.cgi?id=1694077edk2: stack overflow in DxeCore leads to privilege escalation

EPSS

Процентиль: 25%

0.00087

Низкий

6.8 Medium

CVSS3

Связанные уязвимости

CVE-2018-12183

CVSS3: 6.8

ubuntu

почти 7 лет назад

Stack overflow in DxeCore for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access.

CVE-2018-12183

CVSS3: 6.8

nvd

почти 7 лет назад

Stack overflow in DxeCore for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access.

CVE-2018-12183

CVSS3: 6.8

debian

почти 7 лет назад

Stack overflow in DxeCore for EDK II may allow an unauthenticated user ...

GHSA-9pwx-jwwh-vx6f

CVSS3: 6.8

github

больше 3 лет назад

Stack overflow in DxeCore for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access.

EPSS

Процентиль: 25%

0.00087

Низкий

6.8 Medium

CVSS3