Unrated severityNVD Advisory· Published Mar 27, 2019· Updated Aug 5, 2024
CVE-2018-3613
CVE-2018-3613
Description
Logic issue in variable service module for EDK II/UDK2018/UDK2017/UDK2015 may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access.
Affected products
8- osv-coords7 versionspkg:rpm/opensuse/ovmf&distro=openSUSE%20Tumbleweedpkg:rpm/suse/ovmf&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP4pkg:rpm/suse/ovmf&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015pkg:rpm/suse/ovmf&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/ovmf&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4pkg:rpm/suse/ovmf&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/ovmf&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4
< 202105-3.4+ 6 more
- (no CPE)range: < 202105-3.4
- (no CPE)range: < 2017+git1510945757.b2662641d5-3.5.1
- (no CPE)range: < 2017+git1510945757.b2662641d5-5.11.1
- (no CPE)range: < 2017+git1492060560.b6d11d7c46-4.17.1
- (no CPE)range: < 2017+git1510945757.b2662641d5-3.5.1
- (no CPE)range: < 2017+git1492060560.b6d11d7c46-4.17.1
- (no CPE)range: < 2017+git1510945757.b2662641d5-3.5.1
- Extensible Firmware Interface Development Kit (EDK II)/Extensible Firmware Interface Development Kit (EDK II)v5Range: N/A
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- access.redhat.com/errata/RHSA-2019:2125mitrevendor-advisoryx_refsource_REDHAT
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4ABTDKZK2G5XP6JCO3HXMPOA2NRTIYDZ/mitrevendor-advisoryx_refsource_FEDORA
- edk2-docs.gitbooks.io/security-advisory/content/authvariable-timestamp-zeroing-on-append_write.htmlmitrex_refsource_CONFIRM
- support.hpe.com/hpsc/doc/public/displaymitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.