CVE-2018-12181

Priority
Description
Stack overflow in corrupted bmp for EDK II may allow unprivileged user to
potentially enable denial of service or elevation of privilege via local
access.
Notes
Package
Source: edk2 (LP Ubuntu Debian)
Upstream:released (0~20181115.85588389-3)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was needs-triage)
Ubuntu 16.04 LTS (Xenial Xerus):released (0~20160408.ffea0a2c-2ubuntu0.1)
Ubuntu 18.04 LTS (Bionic Beaver):released (0~20180205.c0d9813c-2ubuntu0.2)
Ubuntu 19.10 (Eoan Ermine):not-affected (0~20181115.85588389-3ubuntu1)
Ubuntu 20.04 LTS (Focal Fossa):not-affected (0~20181115.85588389-3ubuntu1)
Ubuntu 20.10 (Groovy Gorilla):not-affected (0~20181115.85588389-3ubuntu1)
Patches:
Upstream:https://github.com/tianocore/edk2/commit/ffe5f7a6b4e978dffbe1df228963adc914451106
Upstream:https://github.com/tianocore/edk2/commit/89910a39dcfd788057caa5d88b7e76e112d187b5
More Information

Updated: 2020-05-06 21:15:02 UTC (commit 4c154af2f60b31f133772b1dade8f1cc0e94026b)