Advisory Published
Updated

CVE-2019-14558

First published: Tue Dec 31 2019(Updated: )

Insufficient control flow management in BIOS firmware for 8th, 9th, 10th Generation Intel(R) Core(TM), Intel(R) Celeron(R) Processor 4000 & 5000 Series Processors may allow an authenticated user to potentially enable denial of service via adjacent access.

Credit: secure@intel.com secure@intel.com

Affected SoftwareAffected VersionHow to fix
Intel BIOS
Intel Celeron 4205u
Intel Celeron 4305u
Intel Celeron 4305ue
Intel Celeron 5205u
Intel Celeron 5305u
Intel Core I3 8100
Intel Core I3 8100f
Intel Core I3 8100t
Intel Core I3 8300
Intel Core I3 8300t
Intel Core I3 8350k
Intel Core I3 9100
Intel Core I3 9100f
Intel Core I3 9100t
Intel Core I3 9300
Intel Core I3 9300t
Intel Core I3 9320
Intel Core I3 9350k
Intel Core I3 9350kf
Intel Core I5 8400
Intel Core I5 8400t
Intel Core I5 8500
Intel Core I5 8500t
Intel Core I5 8600
Intel Core I5 8600k
Intel Core I5 8600t
Intel Core I5 9400
Intel Core I5 9400f
Intel Core I5 9400t
Intel Core I5 9500
Intel Core I5 9500f
Intel Core I5 9500t
Intel Core I5 9600
Intel Core I5 9600k
Intel Core I5 9600kf
Intel Core I5 9600t
Intel Core I7 1060g7
Intel Core I7 1060ng7
Intel Core I7 1065g7
Intel Core I7 1068ng7
Intel Core I7 8086k
Intel Core I7 8700
Intel Core I7 8700k
Intel Core I7 8700t
Intel Core I7 9700
Intel Core I7 9700f
Intel Core I7 9700k
Intel Core I7 9700kf
Intel Core I7 9700t
Intel Core I9 9900
Intel Core I9 9900k
Intel Core I9 9900kf
Intel Core I9 9900ks
Intel Core I9 9900t
Debian Debian Linux=9.0
All of
Intel BIOS
Any of
Intel Celeron 4205u
Intel Celeron 4305u
Intel Celeron 4305ue
Intel Celeron 5205u
Intel Celeron 5305u
Intel Core I3 8100
Intel Core I3 8100f
Intel Core I3 8100t
Intel Core I3 8300
Intel Core I3 8300t
Intel Core I3 8350k
Intel Core I3 9100
Intel Core I3 9100f
Intel Core I3 9100t
Intel Core I3 9300
Intel Core I3 9300t
Intel Core I3 9320
Intel Core I3 9350k
Intel Core I3 9350kf
Intel Core I5 8400
Intel Core I5 8400t
Intel Core I5 8500
Intel Core I5 8500t
Intel Core I5 8600
Intel Core I5 8600k
Intel Core I5 8600t
Intel Core I5 9400
Intel Core I5 9400f
Intel Core I5 9400t
Intel Core I5 9500
Intel Core I5 9500f
Intel Core I5 9500t
Intel Core I5 9600
Intel Core I5 9600k
Intel Core I5 9600kf
Intel Core I5 9600t
Intel Core I7 1060g7
Intel Core I7 1060ng7
Intel Core I7 1065g7
Intel Core I7 1068ng7
Intel Core I7 8086k
Intel Core I7 8700
Intel Core I7 8700k
Intel Core I7 8700t
Intel Core I7 9700
Intel Core I7 9700f
Intel Core I7 9700k
Intel Core I7 9700kf
Intel Core I7 9700t
Intel Core I9 9900
Intel Core I9 9900k
Intel Core I9 9900kf
Intel Core I9 9900ks
Intel Core I9 9900t
ubuntu/edk2<0~20180205.
0~20180205.
ubuntu/edk2<0~20190606.20
0~20190606.20
ubuntu/edk2<0~20200229.4
0~20200229.4
ubuntu/edk2<0~20160408.
0~20160408.
debian/edk2
2020.11-2+deb11u2
2022.11-6+deb12u1
2024.05-1

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Parent vulnerabilities

(Appears in the following advisories)

Frequently Asked Questions

  • What is CVE-2019-14558?

    CVE-2019-14558 is a vulnerability in BIOS firmware for 8th, 9th, and 10th Generation Intel(R) Core(TM) processors that could potentially enable denial of service.

  • How severe is CVE-2019-14558?

    CVE-2019-14558 has a severity rating of 5.7, which is considered medium severity.

  • How can an authenticated user exploit CVE-2019-14558?

    An authenticated user can exploit CVE-2019-14558 by gaining adjacent access and potentially enabling denial of service.

  • Which software versions are affected by CVE-2019-14558?

    The affected software versions include Ubuntu edk2 0~20180205., Ubuntu edk2 0~20190606.20, Ubuntu edk2 0~20200229.4, Ubuntu edk2 0~20160408., Debian edk2 0~20181115.85588389-3+deb10u3, Debian edk2 2020.11-2+deb11u1, Debian edk2 2022.11-6, Debian edk2 2023.05-2, and Intel BIOS.

  • How can I fix CVE-2019-14558?

    To fix CVE-2019-14558, you should apply the recommended patches provided by your operating system, such as the patches from Ubuntu or Debian.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203