CVE-2019-14558
First published: Mon Oct 05 2020(Updated: )
Insufficient control flow management in BIOS firmware for 8th, 9th, 10th Generation Intel(R) Core(TM), Intel(R) Celeron(R) Processor 4000 & 5000 Series Processors may allow an authenticated user to potentially enable denial of service via adjacent access.
Credit: secure@intel.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| debian/edk2 | 2020.11-2+deb11u2 2022.11-6+deb12u1 2024.05-2 | |
| All of | ||
| Intel BIOS | ||
| Any of | ||
| Intel Celeron 4205u | ||
| Intel Celeron 4305u | ||
| Intel Celeron 4305ue | ||
| Intel Celeron 5205u | ||
| Intel Celeron 5305u | ||
| Intel Core i3-8100 | ||
| Intel Core i3-8100F | ||
| Intel Core i3-8100T | ||
| Intel Core i3 8300 | ||
| Intel Core i3 8300T | ||
| Intel Core i3-8350K | ||
| Intel Core i3-9100 | ||
| Intel Core i3-9100F | ||
| Intel Core i3-9100T | ||
| Intel Core i3-9300 | ||
| Intel Core i3-9300T | ||
| Intel Core i3-9320 | ||
| Intel Core i3-9350K | ||
| Intel Core i3-9350KF | ||
| Intel Core i5-8400 | ||
| Intel Core i5-8400T | ||
| Intel Core i5-8500 | ||
| Intel Core i5-8500T | ||
| Intel Core i5-8600 | ||
| Intel Core i5-8600K | ||
| Intel Core i5-8600T | ||
| Intel Core i5-9400 | ||
| Intel Core i5-9400F | ||
| Intel Core i5-9400T | ||
| Intel core i5 9500 | ||
| Intel core i5 9500f | ||
| Intel core i5 9500t | ||
| Intel core i5 9600 | ||
| Intel core i5 9600k | ||
| Intel core i5 9600kf | ||
| Intel core i5 9600t | ||
| Intel core i7 1060g7 | ||
| Intel core i7 1060ng7 | ||
| Intel Core i7 1065G7 | ||
| Intel core i7 1068ng7 | ||
| Intel core i7 8086k | ||
| Intel core i7 8700 | ||
| Intel core i7 8700k | ||
| Intel core i7 8700t | ||
| Intel core i7 9700 | ||
| Intel core i7 9700f | ||
| Intel core i7 9700k | ||
| Intel core i7 9700kf | ||
| Intel Core i7-9700T Firmware | ||
| Intel core i9 9900 | ||
| Intel Core i9-9900KF | ||
| Intel core i9 9900kf | ||
| Intel core i9 9900ks | ||
| Intel core i9 9900t | ||
| Debian GNU/Linux | =9.0 | |
| Intel BIOS | ||
| Intel Celeron 4205u | ||
| Intel Celeron 4305u | ||
| Intel Celeron 4305ue | ||
| Intel Celeron 5205u | ||
| Intel Celeron 5305u | ||
| Intel Core i3-8100 | ||
| Intel Core i3-8100F | ||
| Intel Core i3-8100T | ||
| Intel Core i3 8300 | ||
| Intel Core i3 8300T | ||
| Intel Core i3-8350K | ||
| Intel Core i3-9100 | ||
| Intel Core i3-9100F | ||
| Intel Core i3-9100T | ||
| Intel Core i3-9300 | ||
| Intel Core i3-9300T | ||
| Intel Core i3-9320 | ||
| Intel Core i3-9350K | ||
| Intel Core i3-9350KF | ||
| Intel Core i5-8400 | ||
| Intel Core i5-8400T | ||
| Intel Core i5-8500 | ||
| Intel Core i5-8500T | ||
| Intel Core i5-8600 | ||
| Intel Core i5-8600K | ||
| Intel Core i5-8600T | ||
| Intel Core i5-9400 | ||
| Intel Core i5-9400F | ||
| Intel Core i5-9400T | ||
| Intel core i5 9500 | ||
| Intel core i5 9500f | ||
| Intel core i5 9500t | ||
| Intel core i5 9600 | ||
| Intel core i5 9600k | ||
| Intel core i5 9600kf | ||
| Intel core i5 9600t | ||
| Intel core i7 1060g7 | ||
| Intel core i7 1060ng7 | ||
| Intel Core i7 1065G7 | ||
| Intel core i7 1068ng7 | ||
| Intel core i7 8086k | ||
| Intel core i7 8700 | ||
| Intel core i7 8700k | ||
| Intel core i7 8700t | ||
| Intel core i7 9700 | ||
| Intel core i7 9700f | ||
| Intel core i7 9700k | ||
| Intel core i7 9700kf | ||
| Intel Core i7-9700T Firmware | ||
| Intel core i9 9900 | ||
| Intel Core i9-9900KF | ||
| Intel core i9 9900kf | ||
| Intel core i9 9900ks | ||
| Intel core i9 9900t |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://lists.debian.org/debian-lts-announce/2021/04/msg00032.html
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00356.html
- https://launchpad.net/bugs/cve/CVE-2019-14558
- https://bugzilla.tianocore.org/show_bug.cgi?id=1611
- https://github.com/tianocore/edk2/commit/764e8ba1389a617639d79d2c4f0d53f4ea4a7387
- https://github.com/tianocore/edk2/commit/f1d78c489a39971b5aac5d2fc8a39bfa925c3c5d
- https://security-tracker.debian.org/tracker/CVE-2019-14558
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14558
- https://nvd.nist.gov/vuln/detail/CVE-2019-14558
- https://ubuntu.com/security/CVE-2019-14558
Frequently Asked Questions
What is CVE-2019-14558?
CVE-2019-14558 is a vulnerability in BIOS firmware for 8th, 9th, and 10th Generation Intel(R) Core(TM) processors that could potentially enable denial of service.
How severe is CVE-2019-14558?
CVE-2019-14558 has a severity rating of 5.7, which is considered medium severity.
How can an authenticated user exploit CVE-2019-14558?
An authenticated user can exploit CVE-2019-14558 by gaining adjacent access and potentially enabling denial of service.
Which software versions are affected by CVE-2019-14558?
The affected software versions include Ubuntu edk2 0~20180205., Ubuntu edk2 0~20190606.20, Ubuntu edk2 0~20200229.4, Ubuntu edk2 0~20160408., Debian edk2 0~20181115.85588389-3+deb10u3, Debian edk2 2020.11-2+deb11u1, Debian edk2 2022.11-6, Debian edk2 2023.05-2, and Intel BIOS.
How can I fix CVE-2019-14558?
To fix CVE-2019-14558, you should apply the recommended patches provided by your operating system, such as the patches from Ubuntu or Debian.
- agent/type
- agent/remedy
- collector/launchpad-cve
- source/Launchpad
- agent/severity
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- collector/security-tracker-debian
- source/Debian
- agent/software-canonical-lookup
- collector/usn-cve
- source/Ubuntu
- agent/references
- agent/description
- agent/first-publish-date
- agent/event
- agent/trending
- agent/source
- agent/author
- collector/nvd-cve
- source/NVD
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- package-manager/debian
- vendor/intel
- canonical/intel bios
- canonical/intel celeron 4205u
- canonical/intel celeron 4305u
- canonical/intel celeron 4305ue
- canonical/intel celeron 5205u
- canonical/intel celeron 5305u
- canonical/intel core i3-8100
- canonical/intel core i3-8100f
- canonical/intel core i3-8100t
- canonical/intel core i3 8300
- canonical/intel core i3 8300t
- canonical/intel core i3-8350k
- canonical/intel core i3-9100
- canonical/intel core i3-9100f
- canonical/intel core i3-9100t
- canonical/intel core i3-9300
- canonical/intel core i3-9300t
- canonical/intel core i3-9320
- canonical/intel core i3-9350k
- canonical/intel core i3-9350kf
- canonical/intel core i5-8400
- canonical/intel core i5-8400t
- canonical/intel core i5-8500
- canonical/intel core i5-8500t
- canonical/intel core i5-8600
- canonical/intel core i5-8600k
- canonical/intel core i5-8600t
- canonical/intel core i5-9400
- canonical/intel core i5-9400f
- canonical/intel core i5-9400t
- canonical/intel core i5 9500
- canonical/intel core i5 9500f
- canonical/intel core i5 9500t
- canonical/intel core i5 9600
- canonical/intel core i5 9600k
- canonical/intel core i5 9600kf
- canonical/intel core i5 9600t
- canonical/intel core i7 1060g7
- canonical/intel core i7 1060ng7
- canonical/intel core i7 1065g7
- canonical/intel core i7 1068ng7
- canonical/intel core i7 8086k
- canonical/intel core i7 8700
- canonical/intel core i7 8700k
- canonical/intel core i7 8700t
- canonical/intel core i7 9700
- canonical/intel core i7 9700f
- canonical/intel core i7 9700k
- canonical/intel core i7 9700kf
- canonical/intel core i7-9700t firmware
- canonical/intel core i9 9900
- canonical/intel core i9-9900kf
- canonical/intel core i9 9900kf
- canonical/intel core i9 9900ks
- canonical/intel core i9 9900t
- vendor/debian
- canonical/debian gnu/linux
- version/debian gnu/linux/9.0