Vulnerabilities > CVE-2018-12183 - Out-of-bounds Write vulnerability in Tianocore EDK II
Attack vector
PHYSICAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
Stack overflow in DxeCore for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Common Weakness Enumeration (CWE)
Nessus
NASL family | Amazon Linux Local Security Checks |
NASL id | AL2_ALAS-2019-1290.NASL |
description | Insufficient memory write check in SMM service for EDK II may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access. (CVE-2018-12182) Stack overflow in XHCI for EDK II may allow an unauthenticated user to potentially enable denial of service via local access. (CVE-2019-0161) Buffer overflows were discovered in UDF-related codes under MdeModulePkg\Universal\Disk\PartitionDxe\Udf.c and MdeModulePkg\Universal\Disk\UdfDxe, which could be triggered with long file names or invalid formatted UDF media. (CVE-2019-0160) Stack overflow in DxeCore for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access. (CVE-2018-12183) Improper configuration in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access. (CVE-2018-12179) |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 129069 |
published | 2019-09-20 |
reporter | This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/129069 |
title | Amazon Linux 2 : edk2 (ALAS-2019-1290) |
References
- https://edk2-docs.gitbooks.io/security-advisory/content/unlimited-fv-recursion.html
- http://www.securityfocus.com/bid/107643
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03912en_us
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TQYVZRFEXSN3KS43AVH4D7QX553EZQYP/