PT-2019-6152 · Tianocore+7 · Tianocore Edk2+7

Publicado

2014-10-06

·

Atualizado

2024-06-15

·

CVE-2019-14584

CVSS v3.1

7.8

Alta

VetorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Tianocore EDK2 (affected versions not specified)
Description The issue is related to a null pointer dereference in Tianocore EDK2, which may allow an authenticated user to potentially enable escalation of privilege via local access. This could also lead to unauthorized access to confidential data, disruption of data integrity, and potentially cause a denial of service.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

NULL Pointer Dereference

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-476

Identificadores relacionados

ALT-PU-2014-2246
ALT-PU-2021-1056
ALT-PU-2021-1057
ALT-PU-2021-1058
ALT-PU-2021-2871
ALT-PU-2021-2872
AZL-40833
AZL-41086
BDU:2022-00267
CESA-2021_4198
CVE-2019-14584
DLA-2645-1
MGASA-2021-0035
OESA-2022-1986
OESA-2022-1987
OPENSUSE-SU-2020:2314-1
OPENSUSE-SU-2020:2336-1
OPENSUSE-SU-2020_2314-1
OPENSUSE-SU-2020_2336-1
OPENSUSE-SU-2021:0598-1
OPENSUSE-SU-2021_0598-1
OPENSUSE-SU-2024:11134-1
OPENSUSE-SU-2024:11382-1
RHSA-2021:4198
RHSA-2021_4198
SUSE-SU-2020:3883-1
SUSE-SU-2020:3884-1
SUSE-SU-2020:3885-1
SUSE-SU-2020_3883-1
SUSE-SU-2020_3884-1
SUSE-SU-2020_3885-1
SUSE-SU-2021:2117-1
SUSE-SU-2021_2117-1
USN-4684-1

Produtos afetados

Alt Linux
Astra Linux
Centos
Linuxmint
Red Hat
Suse
Tianocore Edk2
Ubuntu