PT-2019-6152 · Tianocore+7 · Tianocore Edk2+7

Published

2014-10-06

·

Updated

2024-06-15

·

CVE-2019-14584

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Tianocore EDK2 (affected versions not specified)
Description The issue is related to a null pointer dereference in Tianocore EDK2, which may allow an authenticated user to potentially enable escalation of privilege via local access. This could also lead to unauthorized access to confidential data, disruption of data integrity, and potentially cause a denial of service.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

ALT-PU-2014-2246
ALT-PU-2021-1056
ALT-PU-2021-1057
ALT-PU-2021-1058
ALT-PU-2021-2871
ALT-PU-2021-2872
AZL-40833
AZL-41086
BDU:2022-00267
CESA-2021_4198
CVE-2019-14584
DLA-2645-1
MGASA-2021-0035
OESA-2022-1986
OESA-2022-1987
OPENSUSE-SU-2020:2314-1
OPENSUSE-SU-2020:2336-1
OPENSUSE-SU-2020_2314-1
OPENSUSE-SU-2020_2336-1
OPENSUSE-SU-2021:0598-1
OPENSUSE-SU-2021_0598-1
OPENSUSE-SU-2024:11134-1
OPENSUSE-SU-2024:11382-1
RHSA-2021:4198
RHSA-2021_4198
SUSE-SU-2020:3883-1
SUSE-SU-2020:3884-1
SUSE-SU-2020:3885-1
SUSE-SU-2020_3883-1
SUSE-SU-2020_3884-1
SUSE-SU-2020_3885-1
SUSE-SU-2021:2117-1
SUSE-SU-2021_2117-1
USN-4684-1

Affected Products

Alt Linux
Astra Linux
Centos
Linuxmint
Red Hat
Suse
Tianocore Edk2
Ubuntu