CVE-2019-14558
First published: Mon Oct 05 2020(Updated: )
Insufficient control flow management in BIOS firmware for 8th, 9th, 10th Generation Intel(R) Core(TM), Intel(R) Celeron(R) Processor 4000 & 5000 Series Processors may allow an authenticated user to potentially enable denial of service via adjacent access.
Credit: secure@intel.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| debian/edk2 | 2020.11-2+deb11u2 2022.11-6+deb12u1 2024.05-2 | |
| All of | ||
| Intel BIOS firmware | ||
| Any of | ||
| Intel Celeron 4205U | ||
| Intel Celeron 4305U Firmware | ||
| Intel Celeron 4305UE Firmware | ||
| Intel Celeron G5205U | ||
| Intel Celeron G5305U | ||
| Intel Core i3-8100 | ||
| Intel Core i3-8100F | ||
| Intel Core i3-8100T | ||
| Intel Core i3-8300 | ||
| Intel Core i3-8300T | ||
| Intel Core i3-8350K | ||
| Intel Core i3-9100 | ||
| Intel Core i3-9100F | ||
| Intel Core i3-9100T | ||
| Intel Core i3-9300 | ||
| Intel Core i3-9300T | ||
| Intel Core i3-9320 | ||
| Intel Core i3-9350K | ||
| Intel Core i3-9350KF | ||
| Intel Core i5-8400 | ||
| Intel Core i5-8400T | ||
| Intel Core i5-8500 | ||
| Intel Core i5-8500T | ||
| Intel Core i5-8600 | ||
| Intel Core i5-8600K | ||
| Intel Core i5-8600T | ||
| Intel Core i5-9400 | ||
| Intel Core i5-9400F | ||
| Intel Core i5-9400T | ||
| Intel Core i5-9500 | ||
| Intel Core i5-9500F | ||
| Intel Core i5-9500T | ||
| Intel Core i5-9600 | ||
| Intel Core i5-9600K | ||
| Intel Core i5-9600KF | ||
| Intel Core i5-9600T | ||
| Intel Core i7-1060G7 | ||
| Intel Core i7-1060G7 | ||
| Intel Core i7-1065G7 | ||
| Intel Core i7-1068NG7 | ||
| Intel Core i7-8086K | ||
| Intel Core i7-8700 | ||
| Intel Core i7-8700K | ||
| Intel Core i7-8700T | ||
| Intel Core i7-9700F | ||
| Intel Core i7-9700F | ||
| Intel Core i7-9700K | ||
| Intel Core i7-9700KF | ||
| Intel Core i7-9700T Firmware | ||
| Intel Core i9-9900 | ||
| Intel Core i9-9900KF | ||
| Intel Core i9-9900KF | ||
| Intel Core i9-9900KS | ||
| Intel Core i9-9900T | ||
| Debian | =9.0 | |
| Intel BIOS firmware | ||
| Intel Celeron 4205U | ||
| Intel Celeron 4305U Firmware | ||
| Intel Celeron 4305UE Firmware | ||
| Intel Celeron G5205U | ||
| Intel Celeron G5305U | ||
| Intel Core i3-8100 | ||
| Intel Core i3-8100F | ||
| Intel Core i3-8100T | ||
| Intel Core i3-8300 | ||
| Intel Core i3-8300T | ||
| Intel Core i3-8350K | ||
| Intel Core i3-9100 | ||
| Intel Core i3-9100F | ||
| Intel Core i3-9100T | ||
| Intel Core i3-9300 | ||
| Intel Core i3-9300T | ||
| Intel Core i3-9320 | ||
| Intel Core i3-9350K | ||
| Intel Core i3-9350KF | ||
| Intel Core i5-8400 | ||
| Intel Core i5-8400T | ||
| Intel Core i5-8500 | ||
| Intel Core i5-8500T | ||
| Intel Core i5-8600 | ||
| Intel Core i5-8600K | ||
| Intel Core i5-8600T | ||
| Intel Core i5-9400 | ||
| Intel Core i5-9400F | ||
| Intel Core i5-9400T | ||
| Intel Core i5-9500 | ||
| Intel Core i5-9500F | ||
| Intel Core i5-9500T | ||
| Intel Core i5-9600 | ||
| Intel Core i5-9600K | ||
| Intel Core i5-9600KF | ||
| Intel Core i5-9600T | ||
| Intel Core i7-1060G7 | ||
| Intel Core i7-1060G7 | ||
| Intel Core i7-1065G7 | ||
| Intel Core i7-1068NG7 | ||
| Intel Core i7-8086K | ||
| Intel Core i7-8700 | ||
| Intel Core i7-8700K | ||
| Intel Core i7-8700T | ||
| Intel Core i7-9700F | ||
| Intel Core i7-9700F | ||
| Intel Core i7-9700K | ||
| Intel Core i7-9700KF | ||
| Intel Core i7-9700T Firmware | ||
| Intel Core i9-9900 | ||
| Intel Core i9-9900KF | ||
| Intel Core i9-9900KF | ||
| Intel Core i9-9900KS | ||
| Intel Core i9-9900T |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://lists.debian.org/debian-lts-announce/2021/04/msg00032.html
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00356.html
- https://launchpad.net/bugs/cve/CVE-2019-14558
- https://bugzilla.tianocore.org/show_bug.cgi?id=1611
- https://github.com/tianocore/edk2/commit/764e8ba1389a617639d79d2c4f0d53f4ea4a7387
- https://github.com/tianocore/edk2/commit/f1d78c489a39971b5aac5d2fc8a39bfa925c3c5d
- https://security-tracker.debian.org/tracker/CVE-2019-14558
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14558
- https://nvd.nist.gov/vuln/detail/CVE-2019-14558
- https://ubuntu.com/security/CVE-2019-14558
Frequently Asked Questions
What is CVE-2019-14558?
CVE-2019-14558 is a vulnerability in BIOS firmware for 8th, 9th, and 10th Generation Intel(R) Core(TM) processors that could potentially enable denial of service.
How severe is CVE-2019-14558?
CVE-2019-14558 has a severity rating of 5.7, which is considered medium severity.
How can an authenticated user exploit CVE-2019-14558?
An authenticated user can exploit CVE-2019-14558 by gaining adjacent access and potentially enabling denial of service.
Which software versions are affected by CVE-2019-14558?
The affected software versions include Ubuntu edk2 0~20180205., Ubuntu edk2 0~20190606.20, Ubuntu edk2 0~20200229.4, Ubuntu edk2 0~20160408., Debian edk2 0~20181115.85588389-3+deb10u3, Debian edk2 2020.11-2+deb11u1, Debian edk2 2022.11-6, Debian edk2 2023.05-2, and Intel BIOS.
How can I fix CVE-2019-14558?
To fix CVE-2019-14558, you should apply the recommended patches provided by your operating system, such as the patches from Ubuntu or Debian.
- agent/type
- agent/remedy
- collector/launchpad-cve
- source/Launchpad
- agent/severity
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- collector/security-tracker-debian
- source/Debian
- agent/software-canonical-lookup
- collector/usn-cve
- source/Ubuntu
- agent/references
- agent/description
- agent/first-publish-date
- agent/event
- agent/trending
- agent/source
- agent/author
- agent/softwarecombine
- agent/tags
- collector/nvd-cve
- source/NVD
- agent/software-canonical-lookup-request
- collector/nvd-index
- package-manager/debian
- vendor/intel
- canonical/intel bios firmware
- canonical/intel celeron 4205u
- canonical/intel celeron 4305u firmware
- canonical/intel celeron 4305ue firmware
- canonical/intel celeron g5205u
- canonical/intel celeron g5305u
- canonical/intel core i3-8100
- canonical/intel core i3-8100f
- canonical/intel core i3-8100t
- canonical/intel core i3-8300
- canonical/intel core i3-8300t
- canonical/intel core i3-8350k
- canonical/intel core i3-9100
- canonical/intel core i3-9100f
- canonical/intel core i3-9100t
- canonical/intel core i3-9300
- canonical/intel core i3-9300t
- canonical/intel core i3-9320
- canonical/intel core i3-9350k
- canonical/intel core i3-9350kf
- canonical/intel core i5-8400
- canonical/intel core i5-8400t
- canonical/intel core i5-8500
- canonical/intel core i5-8500t
- canonical/intel core i5-8600
- canonical/intel core i5-8600k
- canonical/intel core i5-8600t
- canonical/intel core i5-9400
- canonical/intel core i5-9400f
- canonical/intel core i5-9400t
- canonical/intel core i5-9500
- canonical/intel core i5-9500f
- canonical/intel core i5-9500t
- canonical/intel core i5-9600
- canonical/intel core i5-9600k
- canonical/intel core i5-9600kf
- canonical/intel core i5-9600t
- canonical/intel core i7-1060g7
- canonical/intel core i7-1065g7
- canonical/intel core i7-1068ng7
- canonical/intel core i7-8086k
- canonical/intel core i7-8700
- canonical/intel core i7-8700k
- canonical/intel core i7-8700t
- canonical/intel core i7-9700f
- canonical/intel core i7-9700k
- canonical/intel core i7-9700kf
- canonical/intel core i7-9700t firmware
- canonical/intel core i9-9900
- canonical/intel core i9-9900kf
- canonical/intel core i9-9900ks
- canonical/intel core i9-9900t
- vendor/debian
- canonical/debian
- version/debian/9.0