CVE-2018-12180
Description
Buffer overflow in BlockIo service for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via network access.
Risk Information
Base Score
8.8
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
1.331
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| SUSE-SU-2019:0581-1(SUSE Linux Enterprise Desktop 12-SP4 ) qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-3.8.3.noarch.rpm | Linux |
| UEFI firmware for 64-bit x86 virtual machines (USN-4349-1) ovmf_0~20160408.ffea0a2c-2ubuntu0.1_all.deb | Linux |
| UEFI firmware for 64-bit x86 virtual machines (USN-4349-1) ovmf_0~20180205.c0d9813c-2ubuntu0.2_all.deb | Linux |
| UEFI firmware for 64-bit x86 virtual machines (USN-4349-1) ovmf_0~20190606.20d2e5a1-2ubuntu1.1_all.deb | Linux |
| UEFI firmware for 64-bit x86 virtual machines (USN-4349-1) qemu-efi_0~20160408.ffea0a2c-2ubuntu0.1_all.deb | Linux |
| UEFI firmware for 64-bit x86 virtual machines (USN-4349-1) qemu-efi-arm_0~20180205.c0d9813c-2ubuntu0.2_all.deb | Linux |
| UEFI firmware for 64-bit x86 virtual machines (USN-4349-1) qemu-efi-arm_0~20190606.20d2e5a1-2ubuntu1.1_all.deb | Linux |
| UEFI firmware for 64-bit x86 virtual machines (USN-4349-1) qemu-efi-aarch64_0~20180205.c0d9813c-2ubuntu0.2_all.deb | Linux |
| UEFI firmware for 64-bit x86 virtual machines (USN-4349-1) qemu-efi-aarch64_0~20190606.20d2e5a1-2ubuntu1.1_all.deb | Linux |
| Edk2-ovmf update (ELSA-2019-0968) edk2-ovmf-20180508gitee3198e672e2-9.el8_0.1.noarch.rpm | Linux |
| OVMF update (ELSA-2019-2125) OVMF-20180508-6.gitee3198e672e2.el7.noarch.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234