Home

CVE-2019-14584

Description

Null pointer dereference in Tianocore EDK2 may allow an authenticated user to potentially enable escalation of privilege via local access.

Risk Information

Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.227

Associated Vulnerability

VulnerabilityOS Platform
SUSE-SU-2020:3883-1(SUSE Linux Enterprise Server 12-SP5 ) ovmf-2017+git1510945757.b2662641d5-3.32.1.x86_64.rpmLinux
SUSE-SU-2020:3883-1(SUSE Linux Enterprise Server 12-SP5 ) ovmf-tools-2017+git1510945757.b2662641d5-3.32.1.x86_64.rpmLinux
SUSE-SU-2020:3883-1(SUSE Linux Enterprise Server 12-SP5 ) qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-3.32.1.noarch.rpmLinux
UEFI firmware for virtual machines (USN-4684-1) ovmf_2020.05-5ubuntu0.1_all.debLinux
UEFI firmware for virtual machines (USN-4684-1) ovmf_0~20160408.ffea0a2c-2ubuntu0.2_all.debLinux
UEFI firmware for virtual machines (USN-4684-1) ovmf_0~20180205.c0d9813c-2ubuntu0.3_all.debLinux
UEFI firmware for virtual machines (USN-4684-1) ovmf_0~20191122.bd85bf54-2ubuntu3.1_all.debLinux
UEFI firmware for virtual machines (USN-4684-1) qemu-efi_2020.05-5ubuntu0.1_all.debLinux
UEFI firmware for virtual machines (USN-4684-1) qemu-efi_0~20160408.ffea0a2c-2ubuntu0.2_all.debLinux
UEFI firmware for virtual machines (USN-4684-1) qemu-efi_0~20180205.c0d9813c-2ubuntu0.3_all.debLinux
UEFI firmware for virtual machines (USN-4684-1) qemu-efi_0~20191122.bd85bf54-2ubuntu3.1_all.debLinux
UEFI firmware for virtual machines (USN-4684-1) qemu-efi-arm_2020.05-5ubuntu0.1_all.debLinux
UEFI firmware for virtual machines (USN-4684-1) qemu-efi-arm_0~20180205.c0d9813c-2ubuntu0.3_all.debLinux
UEFI firmware for virtual machines (USN-4684-1) qemu-efi-arm_0~20191122.bd85bf54-2ubuntu3.1_all.debLinux
UEFI firmware for virtual machines (USN-4684-1) qemu-efi-aarch64_2020.05-5ubuntu0.1_all.debLinux
UEFI firmware for virtual machines (USN-4684-1) qemu-efi-aarch64_0~20180205.c0d9813c-2ubuntu0.3_all.debLinux
UEFI firmware for virtual machines (USN-4684-1) qemu-efi-aarch64_0~20191122.bd85bf54-2ubuntu3.1_all.debLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234