CVE-2019-14562
published 2020-11-23CVE-2019-14562: Integer overflow in DxeImageVerificationHandler() EDK II may allow an authenticated user to potentially enable denial of service via local access.
medium5.5CVSS 3.1
AVLACLPRLUINSUCNINAH
Integer overflow in DxeImageVerificationHandler() EDK II may allow an authenticated user to potentially enable denial of service via local access.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | edk2 | < edk2 2020.05-4 (bookworm) | edk2 2020.05-4 (bookworm) |
| tianocore | edk2 | >= 0 < 2020.05-4 | 2020.05-4 |
| tianocore | edk2 | >= 0 < 2020.05-4 | 2020.05-4 |
| tianocore | edk2 | >= 0 < 2020.05-4 | 2020.05-4 |
| tianocore | edk2 | >= 0 < 2020.05-4 | 2020.05-4 |
| tianocore | edk2 | >= 0 < 0~20160408.ffea0a2c-2ubuntu0.2 | 0~20160408.ffea0a2c-2ubuntu0.2 |
| tianocore | edk2 | >= 0 < 0~20180205.c0d9813c-2ubuntu0.3 | 0~20180205.c0d9813c-2ubuntu0.3 |
| tianocore | edk2 | >= 0 < 0~20191122.bd85bf54-2ubuntu3.1 | 0~20191122.bd85bf54-2ubuntu3.1 |
CVSS provenance
nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
osv5.5MEDIUM