CVE-2019-14586

Priority
Description
edk2: the original configuration runtime
memory is freed, but it is still exposed to the OS runtime.
Notes
Package
Source: edk2 (LP Ubuntu Debian)
Upstream:released (0~20200229.4c0f6e34-1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (0~20160408.ffea0a2c-2ubuntu0.1)
Ubuntu 18.04 LTS (Bionic Beaver):released (0~20180205.c0d9813c-2ubuntu0.2)
Ubuntu 19.10 (Eoan Ermine):released (0~20190606.20d2e5a1-2ubuntu1.1)
Ubuntu 20.04 LTS (Focal Fossa):needs-triage
Ubuntu 20.10 (Groovy Gorilla):needs-triage
Patches:
Upstream:https://github.com/tianocore/edk2/commit/c32be82e99ef272e7fa742c2f06ff9a4c3756613
More Information

Updated: 2020-05-06 13:14:21 UTC (commit 67b503d0a1dabefc97b73a9bd8090138633e2c1d)