Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

CVE-2019-12380

Published

4 years ago

Last Modified

5 months ago

CVSSv2.0 Severity

Low

CVSSv3.1 Severity

Medium

Impact Analysis

**DISPUTED** An issue was discovered in the efi subsystem in the Linux kernel through 5.1.5. phys_efi_set_virtual_address_map in arch/x86/platform/efi/efi.c and efi_call_phys_prolog in arch/x86/platform/efi/efi_64.c mishandle memory allocation failures. NOTE: This id is disputed as not being an issue because “All the code touched by the referenced commit runs only at boot, before any user processes are started. Therefore, there is no possibility for an unprivileged user to control it.”..

CVSSv2.0 Score

Severity: Low
Base Score: 2.1/10
Exploit Score: 3.9/10
Access Vector: Local
Access Complexity: Low
Authentication Required: None
Impact Score: 2.9/10
Confidentiality Impact: None
Availability Impact: Partial
Integrity Impact: None

CVSSv3.1 Score

Severity: Medium
Base Score: 5.5/10
Exploit Score: 1.8/10
Access Vector: Local
Access Complexity: Low
Privileges Required: Low
Impact Score: 3.6/10
Confidentiality Impact: None
Availability Impact: High
Integrity Impact: None
Scope: Unchanged
User Interaction: None

Products Affected

CPE	Affected	Vulnerable	Excluding	Edit
cpe:2.3:o:linux:linux_kernel::::::::	Yes	-	-

Free and open-source vulnerability scanner

Available for macOS, Windows, and Linux

CVE-2019-12380

Published

Last Modified

CVSSv2.0 Severity

CVSSv3.1 Severity

Impact Analysis

Share

CVSSv2.0 Score

CVSSv3.1 Score

Products Affected

References

Free and open-source vulnerability scanner

Available for macOS, Windows, and Linux

CVE-2019-12380

CVE information

Published

Last Modified

CVSSv2.0 Severity

CVSSv3.1 Severity

Impact Analysis

Share

Description

CVSSv2.0 Score

CVSSv3.1 Score

Products Affected

References