CVE-2019-11098
Published: 14 July 2021
Insufficient input validation in MdeModulePkg in EDKII may allow an unauthenticated user to potentially enable escalation of privilege, denial of service and/or information disclosure via physical access.
Priority
CVSS 3 base score: 6.8
Status
Package | Release | Status |
---|---|---|
edk2 Launchpad, Ubuntu, Debian |
bionic |
Needed
|
focal |
Released
(0~20191122.bd85bf54-2ubuntu3.3)
|
|
groovy |
Ignored
(reached end-of-life)
|
|
hirsute |
Released
(2020.11-4ubuntu0.1)
|
|
impish |
Not vulnerable
(2021.05-1)
|
|
jammy |
Not vulnerable
(2021.05-1)
|
|
trusty |
Does not exist
|
|
upstream |
Released
(2020.11-5)
|
|
xenial |
Ignored
(out of standard support)
|