Your submission was sent successfully! Close

CVE-2019-11098

Published: 14 July 2021

Insufficient input validation in MdeModulePkg in EDKII may allow an unauthenticated user to potentially enable escalation of privilege, denial of service and/or information disclosure via physical access.

Priority

Low

CVSS 3 base score: 6.8

Status

Package Release Status
edk2
Launchpad, Ubuntu, Debian
bionic Needed

focal
Released (0~20191122.bd85bf54-2ubuntu3.3)
groovy Ignored
(reached end-of-life)
hirsute
Released (2020.11-4ubuntu0.1)
impish Not vulnerable
(2021.05-1)
jammy Not vulnerable
(2021.05-1)
trusty Does not exist

upstream
Released (2020.11-5)
xenial Ignored
(out of standard support)