Insufficient memory write check in SMM service for EDK II may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access.
References
Configurations
History
21 Nov 2024, 03:44
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.securityfocus.com/bid/107648 - | |
References | () https://edk2-docs.gitbooks.io/security-advisory/content/sw-smi-confused-deputy-smramsavestate_c.html - Patch, Vendor Advisory | |
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TQYVZRFEXSN3KS43AVH4D7QX553EZQYP/ - | |
References | () https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03912en_us - |
07 Nov 2023, 02:52
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2019-03-27 20:29
Updated : 2024-11-21 03:44
NVD link : CVE-2018-12182
Mitre link : CVE-2018-12182
CVE.ORG link : CVE-2018-12182
JSON object : View
Products Affected
tianocore
- edk_ii
CWE
CWE-441
Unintended Proxy or Intermediary ('Confused Deputy')