CVE-2019-14586
published 2020-11-23CVE-2019-14586: Use after free vulnerability in EDK II may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of…
high8CVSS 3.1
AVAACLPRLUINSUCHIHAH
Use after free vulnerability in EDK II may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via adjacent access.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | edk2 | < edk2 0~20200229.4c0f6e34-1 (bookworm) | edk2 0~20200229.4c0f6e34-1 (bookworm) |
| tianocore | edk2 | >= 0 < 0~20200229.4c0f6e34-1 | 0~20200229.4c0f6e34-1 |
| tianocore | edk2 | >= 0 < 0~20200229.4c0f6e34-1 | 0~20200229.4c0f6e34-1 |
| tianocore | edk2 | >= 0 < 0~20200229.4c0f6e34-1 | 0~20200229.4c0f6e34-1 |
| tianocore | edk2 | >= 0 < 0~20200229.4c0f6e34-1 | 0~20200229.4c0f6e34-1 |
| tianocore | edk2 | >= 0 < 0~20160408.ffea0a2c-2ubuntu0.1 | 0~20160408.ffea0a2c-2ubuntu0.1 |
| tianocore | edk2 | >= 0 < 0~20180205.c0d9813c-2ubuntu0.2 | 0~20180205.c0d9813c-2ubuntu0.2 |
CVSS provenance
nvdv3.18.0HIGHCVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
osv9.1CRITICAL