Insufficient input validation in MdeModulePkg in EDKII may allow an unauthenticated user to potentially enable escalation of privilege, denial of service and/or information disclosure via physical access.
References
Link | Resource |
---|---|
https://edk2-docs.gitbook.io/security-advisory/bootguard-toctou-vulnerability | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: intel
Published: 2021-07-14T13:28:44
Updated: 2021-07-14T13:28:44
Reserved: 2019-04-11T00:00:00
Link: CVE-2019-11098
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-07-14T14:15:07.937
Modified: 2021-07-20T23:34:53.267
Link: CVE-2019-11098
JSON object: View
Redhat Information
No data.
CWE