vulnerability
Oracle Linux: CVE-2018-12181: ELSA-2019-2125: ovmf security and enhancement update (MODERATE) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:L/AC:L/Au:N/C:N/I:P/A:P) | Mar 7, 2019 | Jun 7, 2019 | Dec 3, 2025 |
Severity
4
CVSS
(AV:L/AC:L/Au:N/C:N/I:P/A:P)
Published
Mar 7, 2019
Added
Jun 7, 2019
Modified
Dec 3, 2025
Description
Stack overflow in corrupted bmp for EDK II may allow unprivileged user to potentially enable denial of service or elevation of privilege via local access.
A stack-based buffer overflow was discovered in edk2 when the HII database contains a Bitmap that claims to be 4-bit or 8-bit per pixel, but the palette contains more than 16(2^4) or 256(2^8) colors.
A stack-based buffer overflow was discovered in edk2 when the HII database contains a Bitmap that claims to be 4-bit or 8-bit per pixel, but the palette contains more than 16(2^4) or 256(2^8) colors.
Solutions
oracle-linux-upgrade-aavmforacle-linux-upgrade-edk2-aarch64oracle-linux-upgrade-edk2-ovmforacle-linux-upgrade-ovmf
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.