| ID |
CVE-2019-0161
|
| Summary |
Stack overflow in XHCI for EDK II may allow an unauthenticated user to potentially enable denial of service via local access. |
| References |
|
| Vulnerable Configurations |
|
| CVSS |
| Base: | 2.1 (as of 29-04-2021 - 22:15) |
| Impact: | |
| Exploitability: | |
|
| CWE |
CWE-787 |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| LOCAL |
LOW |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| NONE |
NONE |
PARTIAL |
|
| cvss-vector
via4
|
AV:L/AC:L/Au:N/C:N/I:N/A:P
|
| redhat
via4
|
| advisories | | bugzilla | | id | 1694065 | | title | CVE-2019-0161 edk2: stack overflow in XHCI causing denial of service |
| | oval | | OR | | comment | Red Hat Enterprise Linux must be installed | | oval | oval:com.redhat.rhba:tst:20070304026 |
| AND | | comment | Red Hat Enterprise Linux 7 is installed | | oval | oval:com.redhat.rhba:tst:20150364027 |
| comment | OVMF is earlier than 0:20180508-6.gitee3198e672e2.el7 | | oval | oval:com.redhat.rhsa:tst:20192125001 |
| comment | OVMF is signed with Red Hat redhatrelease2 key | | oval | oval:com.redhat.rhsa:tst:20183090004 |
|
|
| | rhsa | | id | RHSA-2019:2125 | | released | 2019-08-06 | | severity | Moderate | | title | RHSA-2019:2125: ovmf security and enhancement update (Moderate) |
|
| | rpms | - OVMF-0:20180508-6.gitee3198e672e2.el7
- imgbased-0:1.1.9-0.1.el7ev
- ovirt-node-ng-nodectl-0:4.3.5-0.20190717.0.el7ev
- python-imgbased-0:1.1.9-0.1.el7ev
- python2-ovirt-node-ng-nodectl-0:4.3.5-0.20190717.0.el7ev
- redhat-release-virtualization-host-0:4.3.5-2.el7ev
- redhat-virtualization-host-image-update-0:4.3.5-20190722.0.el7_7
- redhat-virtualization-host-image-update-placeholder-0:4.3.5-2.el7ev
|
|
| refmap
via4
|
|
| Last major update |
29-04-2021 - 22:15 |
| Published |
27-03-2019 - 20:29 |
| Last modified |
29-04-2021 - 22:15 |
