CVE-2019-0160 — Classic Buffer Overflow in Fedora
Severity
9.8CRITICALNVD
EPSS
0.3%
top 48.56%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMar 27
Latest updateJul 29
Description
Buffer overflow in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege and/or denial of service via network access.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9
Affected Packages3 packages
Also affects: Fedora 30, Enterprise Linux 8.0, 8.1, 8.2, 8.4
🔴Vulnerability Details
3GHSA▶
GHSA-w3xf-7pcp-xvwv: Buffer overflow in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege and/or denial of service vi↗2022-05-13
CVEList▶
CVE-2019-0160: Buffer overflow in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege and/or denial of service vi↗2019-03-27
OSV▶
CVE-2019-0160: Buffer overflow in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege and/or denial of service vi↗2019-03-27
📋Vendor Advisories
3💬Community
3Bugzilla▶
CVE-2019-0160 edk2: buffer overflows in PartitionDxe and UdfDxe with long file names and invalid UDF media [fedora-all]↗2019-03-22
Bugzilla▶
CVE-2019-0160 edk2: Buffer overflows in PartitionDxe and UdfDxe with long file names and invalid UDF media↗2019-03-22
Bugzilla▶
CVE-2019-0160 edk2: buffer overflows in PartitionDxe and UdfDxe with long file names and invalid UDF media [epel-all]↗2019-03-22