Description
Buffer overflow in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege and/or denial of service via network access.
References (1)
Core 1
Core References
Scores
CVSS v3
9.8
EPSS
0.0028
EPSS Percentile
51.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-120
CWE-787
Status
published
Products (12)
fedoraproject/fedora
30
opensuse/leap
15.0
redhat/enterprise_linux
8.0
redhat/enterprise_linux_eus
8.1
redhat/enterprise_linux_eus
8.2
redhat/enterprise_linux_eus
8.4
redhat/enterprise_linux_server
7.0
redhat/enterprise_linux_server_aus
8.2
redhat/enterprise_linux_server_aus
8.4
redhat/enterprise_linux_server_tus
8.2
... and 2 more
Published
Mar 27, 2019
Tracked Since
Feb 18, 2026