Stack overflow in XHCI for EDK II may allow an unauthenticated user to potentially enable denial of service via local access.
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00019.html
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00046.html
https://access.redhat.com/errata/RHSA-2019:2125
https://access.redhat.com/errata/RHSA-2019:2437
https://edk2-docs.gitbooks.io/security-advisory/content/xhci-stack-local-stack-overflow.html
Source: MITRE
Published: 2019-03-27
Updated: 2020-08-24
Type: CWE-787
Base Score: 2.1
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P
Impact Score: 2.9
Exploitability Score: 3.9
Severity: LOW
Base Score: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Impact Score: 3.6
Exploitability Score: 1.8
Severity: MEDIUM
OR
ID | Name | Product | Family | Severity |
---|---|---|---|---|
132479 | NewStart CGSL CORE 5.05 / MAIN 5.05 : ovmf Multiple Vulnerabilities (NS-SA-2019-0239) | Nessus | NewStart CGSL Local Security Checks | high |
131425 | NewStart CGSL CORE 5.04 / MAIN 5.04 : ovmf Multiple Vulnerabilities (NS-SA-2019-0218) | Nessus | NewStart CGSL Local Security Checks | high |
129069 | Amazon Linux 2 : edk2 (ALAS-2019-1290) | Nessus | Amazon Linux Local Security Checks | high |
128356 | CentOS 7 : ovmf (CESA-2019:2125) | Nessus | CentOS Local Security Checks | high |
128248 | Scientific Linux Security Update : ovmf on SL7.x x86_64 (20190806) | Nessus | Scientific Linux Local Security Checks | high |
127986 | RHEL 7 : Virtualization Manager (RHSA-2019:2437) | Nessus | Red Hat Local Security Checks | medium |
127676 | RHEL 7 : ovmf (RHSA-2019:2125) | Nessus | Red Hat Local Security Checks | high |
125324 | openSUSE Security Update : ovmf (openSUSE-2019-1425) | Nessus | SuSE Local Security Checks | low |
124853 | SUSE SLES12 Security Update : ovmf (SUSE-SU-2019:1204-1) | Nessus | SuSE Local Security Checks | low |
124713 | openSUSE Security Update : ovmf (openSUSE-2019-1352) | Nessus | SuSE Local Security Checks | low |
124675 | SUSE SLES12 Security Update : ovmf (SUSE-SU-2019:1157-1) | Nessus | SuSE Local Security Checks | low |
124452 | SUSE SLES15 Security Update : ovmf (SUSE-SU-2019:1110-1) | Nessus | SuSE Local Security Checks | low |