Vulnerabilities > CVE-2019-14558

CVSS 5.7 - MEDIUM

Attack vector

ADJACENT_NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

low complexity

intel

debian

nessus

NVD

Published: 2020-10-05

Updated: 2022-01-01

Summary

Insufficient control flow management in BIOS firmware for 8th, 9th, 10th Generation Intel(R) Core(TM), Intel(R) Celeron(R) Processor 4000 & 5000 Series Processors may allow an authenticated user to potentially enable denial of service via adjacent access.

Vulnerable Configurations

Part	Description	Count
OS	Intel Intel Bios -	1
OS	Debian Debian Debian Linux 9.0	1
Hardware	Intel Intel Celeron 4205U - Intel Celeron 4305U - Intel Celeron 4305Ue - Intel Celeron 5205U - Intel Celeron 5305U - Intel Core I3 8100 - Intel Core I3 8100F - Intel Core I3 8100T - Intel Core I3 8300 - Intel Core I3 8300T - Intel Core I3 8350K - Intel Core I3 9100 - Intel Core I3 9100F - Intel Core I3 9100T - Intel Core I3 9300 - Intel Core I3 9300T - Intel Core I3 9320 - Intel Core I3 9350K - Intel Core I3 9350Kf - Intel Core I5 8400 - Intel Core I5 8400T - Intel Core I5 8500 - Intel Core I5 8500T - Intel Core I5 8600 - Intel Core I5 8600K - Intel Core I5 8600T - Intel Core I5 9400 - Intel Core I5 9400F - Intel Core I5 9400T - Intel Core I5 9500 - Intel Core I5 9500F - Intel Core I5 9500T - Intel Core I5 9600 - Intel Core I5 9600K - Intel Core I5 9600Kf - Intel Core I5 9600T - Intel Core I7 1060G7 - Intel Core I7 1060Ng7 - Intel Core I7 1065G7 - Intel Core I7 1068Ng7 - Intel Core I7 8086K - Intel Core I7 8700 - Intel Core I7 8700K - Intel Core I7 8700T - Intel Core I7 9700 - Intel Core I7 9700F - Intel Core I7 9700K - Intel Core I7 9700Kf - Intel Core I7 9700T - Intel Core I9 9900 - Intel Core I9 9900K - Intel Core I9 9900Kf - Intel Core I9 9900Ks - Intel Core I9 9900T -	54

Nessus

NASL family	Ubuntu Local Security Checks
NASL id	UBUNTU_USN-4349-1.NASL
description	A buffer overflow was discovered in the network stack. An unprivileged user could potentially enable escalation of privilege and/or denial of service. This issue was already fixed in a previous release for 18.04 LTS and 19.10. (CVE-2018-12178) A buffer overflow was discovered in BlockIo service. An unauthenticated user could potentially enable escalation of privilege, information disclosure and/or denial of service. This issue was already fixed in a previous release for 18.04 LTS and 19.10. (CVE-2018-12180) A stack overflow was discovered in bmp. An unprivileged user could potentially enable denial of service or elevation of privilege via local access. This issue was already fixed in a previous release for 18.04 LTS and 19.10. (CVE-2018-12181) It was discovered that memory was not cleared before free that could lead to potential password leak. (CVE-2019-14558) A memory leak was discovered in ArpOnFrameRcvdDpc. An attacker could possibly use this issue to cause a denial of service or other unspecified impact. (CVE-2019-14559) An integer overflow was discovered in MdeModulePkg/PiDxeS3BootScriptLib. An attacker could possibly use this issue to cause a denial of service or other unspecified impact. (CVE-2019-14563) It was discovered that the affected version doesn
last seen	2020-05-08
modified	2020-05-01
plugin id	136282
published	2020-05-01
reporter	Ubuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/136282
title	Ubuntu 16.04 LTS / 18.04 LTS / 19.10 : edk2 vulnerabilities (USN-4349-1)

Vulnerabilities > CVE-2019-14558 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2019-14558"}]}

Summary

Vulnerable Configurations

Nessus

References

Vulnerabilities > CVE-2019-14558