CVE-2019-14558 — Sensitive Information in Resource Not Removed Before Reuse in Linux
Severity
5.7MEDIUMNVD
EPSS
0.1%
top 69.01%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedOct 5
Latest updateMay 24
Description
Insufficient control flow management in BIOS firmware for 8th, 9th, 10th Generation Intel(R) Core(TM), Intel(R) Celeron(R) Processor 4000 & 5000 Series Processors may allow an authenticated user to potentially enable denial of service via adjacent access.
CVSS vector
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 2.1 | Impact: 3.6
Affected Packages1 packages
Also affects: Debian Linux 9.0
🔴Vulnerability Details
3GHSA▶
GHSA-q8x8-jp4q-9cjj: Insufficient control flow management in BIOS firmware for 8th, 9th, 10th Generation Intel(R) Core(TM), Intel(R) Celeron(R) Processor 4000 & 5000 Serie↗2022-05-24
OSV▶
CVE-2019-14558: Insufficient control flow management in BIOS firmware for 8th, 9th, 10th Generation Intel(R) Core(TM), Intel(R) Celeron(R) Processor 4000 & 5000 Serie↗2020-10-05
CVEList▶
CVE-2019-14558: Insufficient control flow management in BIOS firmware for 8th, 9th, 10th Generation Intel(R) Core(TM), Intel(R) Celeron(R) Processor 4000 & 5000 Serie↗2020-10-05