usn-4349-1
Vulnerability from osv_ubuntu
A buffer overflow was discovered in the network stack. An unprivileged user could potentially enable escalation of privilege and/or denial of service. This issue was already fixed in a previous release for 18.04 LTS and 19.10. (CVE-2018-12178)
A buffer overflow was discovered in BlockIo service. An unauthenticated user could potentially enable escalation of privilege, information disclosure and/or denial of service. This issue was already fixed in a previous release for 18.04 LTS and 19.10. (CVE-2018-12180)
A stack overflow was discovered in bmp. An unprivileged user could potentially enable denial of service or elevation of privilege via local access. This issue was already fixed in a previous release for 18.04 LTS and 19.10. (CVE-2018-12181)
It was discovered that memory was not cleared before free that could lead to potential password leak. (CVE-2019-14558)
A memory leak was discovered in ArpOnFrameRcvdDpc. An attacker could possibly use this issue to cause a denial of service or other unspecified impact. (CVE-2019-14559)
An integer overflow was discovered in MdeModulePkg/PiDxeS3BootScriptLib. An attacker could possibly use this issue to cause a denial of service or other unspecified impact. (CVE-2019-14563)
It was discovered that the affected version doesn't properly check whether an unsigned EFI file should be allowed or not. An attacker could possibly load unsafe content by bypassing the verification. (CVE-2019-14575)
It was discovered that original configuration runtime memory is freed, but it is still exposed to the OS runtime. (CVE-2019-14586)
A double-unmap was discovered in TRB creation. An attacker could use it to cause a denial of service or other unspecified impact. (CVE-2019-14587)
{
"affected": [
{
"database_specific": {
"cves_map": {
"cves": [
{
"id": "CVE-2018-12178",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2018-12180",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2018-12181",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2019-14558",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2019-14559",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2019-14563",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2019-14575",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2019-14586",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2019-14587",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
}
],
"ecosystem": "Ubuntu:16.04:LTS"
}
},
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "ovmf",
"binary_version": "0~20160408.ffea0a2c-2ubuntu0.1"
},
{
"binary_name": "qemu-efi",
"binary_version": "0~20160408.ffea0a2c-2ubuntu0.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:16.04:LTS",
"name": "edk2",
"purl": "pkg:deb/ubuntu/edk2@0~20160408.ffea0a2c-2ubuntu0.1?arch=source\u0026distro=xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0~20160408.ffea0a2c-2ubuntu0.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"0~20150106.5c2d456b-2",
"0~20160104.c2a892d7-1",
"0~20160408.ffea0a2c-2"
]
},
{
"database_specific": {
"cves_map": {
"cves": [
{
"id": "CVE-2018-12178",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2018-12180",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2018-12181",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2019-14558",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2019-14559",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2019-14563",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2019-14575",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2019-14586",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2019-14587",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
}
],
"ecosystem": "Ubuntu:18.04:LTS"
}
},
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "ovmf",
"binary_version": "0~20180205.c0d9813c-2ubuntu0.2"
},
{
"binary_name": "qemu-efi",
"binary_version": "0~20180205.c0d9813c-2ubuntu0.2"
},
{
"binary_name": "qemu-efi-aarch64",
"binary_version": "0~20180205.c0d9813c-2ubuntu0.2"
},
{
"binary_name": "qemu-efi-arm",
"binary_version": "0~20180205.c0d9813c-2ubuntu0.2"
}
]
},
"package": {
"ecosystem": "Ubuntu:18.04:LTS",
"name": "edk2",
"purl": "pkg:deb/ubuntu/edk2@0~20180205.c0d9813c-2ubuntu0.2?arch=source\u0026distro=bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0~20180205.c0d9813c-2ubuntu0.2"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"0~20170911.5dfba97c-1",
"0~20171010.234dbcef-1",
"0~20171027.76fd5a66-1",
"0~20171205.a9212288-1",
"0~20180105.0bc94c74-1",
"0~20180205.c0d9813c-1",
"0~20180205.c0d9813c-2",
"0~20180205.c0d9813c-2ubuntu0.1"
]
}
],
"aliases": [],
"details": "A buffer overflow was discovered in the network stack. An unprivileged user\ncould potentially enable escalation of privilege and/or denial of service.\nThis issue was already fixed in a previous release for 18.04 LTS and 19.10.\n(CVE-2018-12178)\n\nA buffer overflow was discovered in BlockIo service. An unauthenticated user\ncould potentially enable escalation of privilege, information disclosure and/or\ndenial of service. This issue was already fixed in a previous release for 18.04\nLTS and 19.10. (CVE-2018-12180)\n\nA stack overflow was discovered in bmp. An unprivileged user\ncould potentially enable denial of service or elevation of privilege via\nlocal access. This issue was already fixed in a previous release for 18.04\nLTS and 19.10. (CVE-2018-12181)\n\nIt was discovered that memory was not cleared before free that could lead\nto potential password leak. (CVE-2019-14558)\n\nA memory leak was discovered in ArpOnFrameRcvdDpc. An attacker could\npossibly use this issue to cause a denial of service or other unspecified\nimpact. (CVE-2019-14559)\n\nAn integer overflow was discovered in MdeModulePkg/PiDxeS3BootScriptLib.\nAn attacker could possibly use this issue to cause a denial of service or\nother unspecified impact. (CVE-2019-14563)\n\nIt was discovered that the affected version doesn\u0027t properly check whether an\nunsigned EFI file should be allowed or not. An attacker could possibly load\nunsafe content by bypassing the verification. (CVE-2019-14575)\n\nIt was discovered that original configuration runtime memory is freed, but it\nis still exposed to the OS runtime. (CVE-2019-14586)\n\nA double-unmap was discovered in TRB creation. An attacker could use it to\ncause a denial of service or other unspecified impact. (CVE-2019-14587)\n",
"id": "USN-4349-1",
"modified": "2026-02-10T04:41:49Z",
"published": "2020-04-30T22:54:56Z",
"references": [
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-4349-1"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2018-12178"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2018-12180"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2018-12181"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2019-14558"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2019-14559"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2019-14563"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2019-14575"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2019-14586"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2019-14587"
}
],
"related": [],
"schema_version": "1.7.0",
"summary": "edk2 vulnerabilities",
"upstream": [
"UBUNTU-CVE-2018-12178",
"UBUNTU-CVE-2018-12180",
"UBUNTU-CVE-2018-12181",
"UBUNTU-CVE-2019-14558",
"UBUNTU-CVE-2019-14559",
"UBUNTU-CVE-2019-14563",
"UBUNTU-CVE-2019-14575",
"UBUNTU-CVE-2019-14586",
"UBUNTU-CVE-2019-14587"
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.