CVE-2019-14559
edk2: memory leak in ArpOnFrameRcvdDpc
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Uncontrolled resource consumption in EDK II may allow an unauthenticated user to potentially enable denial of service via network access.
Un consumo incontrolado de recursos en EDK II, puede permitir a un usuario no autenticado habilitar potencialmente una denegaciĆ³n de servicio por medio del acceso a la red
A buffer overflow was discovered in the network stack. An unprivileged user could potentially enable escalation of privilege and/or denial of service. This issue was already fixed in a previous release for 18.04 LTS and 19.10. A buffer overflow was discovered in BlockIo service. An unauthenticated user could potentially enable escalation of privilege, information disclosure and/or denial of service. This issue was already fixed in a previous release for 18.04 LTS and 19.10. Various other issues were also addressed.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-08-03 CVE Reserved
- 2020-05-01 CVE Published
- 2024-08-05 CVE Updated
- 2025-07-14 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-400: Uncontrolled Resource Consumption
- CWE-401: Missing Release of Memory after Effective Lifetime
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| https://bugzilla.tianocore.org/show_bug.cgi?id=2031 | Issue Tracking | |
| https://lists.debian.org/debian-lts-announce/2021/04/msg00032.html | Mailing List |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://access.redhat.com/security/cve/CVE-2019-14559 | 2020-11-04 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1758601 | 2020-11-04 |