CVE-2017-5731

EUVD-2017-14808
Bounds checking in Tianocompress before November 7, 2017 may allow an authenticated user to potentially enable an escalation of privilege via local access.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 30%
Affected Products (NVD)
VendorProductVersion
tianocoreedk2
𝑥
< 2017-11-07
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
edk2
bionic
Fixed 0~20180205.c0d9813c-2ubuntu0.3+esm1
released
disco
not-affected
eoan
not-affected
focal
not-affected
groovy
not-affected
hirsute
not-affected
impish
not-affected
jammy
not-affected
kinetic
not-affected
lunar
not-affected
mantic
not-affected
noble
not-affected
trusty
dne
xenial
Fixed 0~20160408.ffea0a2c-2ubuntu0.2+esm1
released
Common Weakness Enumeration
References
https://bugzilla.tianocore.org/show_bug.cgi?id=686
https://bugzilla.tianocore.org/show_bug.cgi?id=686