Vulnerability Details CVE-2018-12181
Stack overflow in corrupted bmp for EDK II may allow unprivileged user to potentially enable denial of service or elevation of privilege via local access.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 41.3%
CVSS Severity
CVSS v3 Score 6.0
CVSS v2 Score 3.6
References
- http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00030.html
- http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00048.html
- https://access.redhat.com/errata/RHSA-2019:2125
- https://access.redhat.com/errata/RHSA-2019:3338
- https://edk2-docs.gitbooks.io/security-advisory/content/stack-overflow-on-corrupted-bmp.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4ABTDKZK2G5XP6JCO3HXMPOA2NRTIYDZ/
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03912en_us
- https://usn.ubuntu.com/4349-1/
- http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00030.html
- http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00048.html
- https://access.redhat.com/errata/RHSA-2019:2125
- https://access.redhat.com/errata/RHSA-2019:3338
- https://edk2-docs.gitbooks.io/security-advisory/content/stack-overflow-on-corrupted-bmp.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4ABTDKZK2G5XP6JCO3HXMPOA2NRTIYDZ/
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03912en_us
- https://usn.ubuntu.com/4349-1/