CVE-2019-0119 : Buffer overflow vulnerability in system firmware for Intel(R) Xeon(R) Processor D Family, Intel(R) Xeon(R) Scalable Proc

Buffer overflow vulnerability in system firmware for Intel(R) Xeon(R) Processor D Family, Intel(R) Xeon(R) Scalable Processor, Intel(R) Server Board, Intel(R) Server System and Intel(R) Compute Module may allow a privileged user to potentially enable escalation of privilege and/or denial of service via local access.

Published 2019-05-17 16:29:02

Updated 2021-06-21 15:00:28

Source Intel Corporation

View at NVD, CVE.org

Vulnerability category: OverflowDenial of service

Exploit prediction scoring system (EPSS) score for CVE-2019-0119

Probability of exploitation activity in the next 30 days: 0.04%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 10 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2019-0119

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.2	HIGH	AV:L/AC:L/Au:N/C:C/I:C/A:C	3.9	10.0	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete
6.7	MEDIUM	CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H	0.8	5.9	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: High User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2019-0119

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2019-0119

https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00223.html

INTEL-SA-00223
Vendor Advisory

CVEs referencing this url
http://www.securityfocus.com/bid/108485

Intel Unified Extensible Firmware Interface Multiple Security Vulnerabilities

CVEs referencing this url
https://support.f5.com/csp/article/K85585101

Products affected by CVE-2019-0119

Intel » Hns7200ap Firmware » Version: N/A
cpe:2.3:o:intel:hns7200ap_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Hns7200ap » Version: N/A
Intel » Hns7200apr Firmware » Version: N/A
cpe:2.3:o:intel:hns7200apr_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Hns7200apr » Version: N/A
Intel » Xeon D-1649n Firmware » Version: N/A
cpe:2.3:o:intel:xeon_d-1649n_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Xeon D-1649n » Version: N/A
Intel » Xeon D-1633n Firmware » Version: N/A
cpe:2.3:o:intel:xeon_d-1633n_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Xeon D-1633n » Version: N/A
Intel » Xeon D-1637 Firmware » Version: N/A
cpe:2.3:o:intel:xeon_d-1637_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Xeon D-1637 » Version: N/A
Intel » Xeon D-1627 Firmware » Version: N/A
cpe:2.3:o:intel:xeon_d-1627_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Xeon D-1627 » Version: N/A
Intel » Xeon D-1623n Firmware » Version: N/A
cpe:2.3:o:intel:xeon_d-1623n_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Xeon D-1623n » Version: N/A
Intel » Xeon D-1622 Firmware » Version: N/A
cpe:2.3:o:intel:xeon_d-1622_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Xeon D-1622 » Version: N/A
Intel » Xeon D-1653n Firmware » Version: N/A
cpe:2.3:o:intel:xeon_d-1653n_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Xeon D-1653n » Version: N/A
Intel » Xeon D-1602 Firmware » Version: N/A
cpe:2.3:o:intel:xeon_d-1602_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Xeon D-1602 » Version: N/A
Intel » Xeon D-2141i Firmware » Version: N/A
cpe:2.3:o:intel:xeon_d-2141i_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Xeon D-2141i » Version: N/A
Intel » Xeon D-2177nt Firmware » Version: N/A
cpe:2.3:o:intel:xeon_d-2177nt_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Xeon D-2177nt » Version: N/A
Intel » Xeon D-2161i Firmware » Version: N/A
cpe:2.3:o:intel:xeon_d-2161i_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Xeon D-2161i » Version: N/A
Intel » Xeon D-2143it Firmware » Version: N/A
cpe:2.3:o:intel:xeon_d-2143it_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Xeon D-2143it » Version: N/A
Intel » Xeon D-2146nt Firmware » Version: N/A
cpe:2.3:o:intel:xeon_d-2146nt_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Xeon D-2146nt » Version: N/A
Intel » Xeon D-2145nt Firmware » Version: N/A
cpe:2.3:o:intel:xeon_d-2145nt_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Xeon D-2145nt » Version: N/A
Intel » Xeon D-2123it Firmware » Version: N/A
cpe:2.3:o:intel:xeon_d-2123it_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Xeon D-2123it » Version: N/A
Intel » Xeon D-2173it Firmware » Version: N/A
cpe:2.3:o:intel:xeon_d-2173it_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Xeon D-2173it » Version: N/A
Intel » Xeon D-2191 Firmware » Version: N/A
cpe:2.3:o:intel:xeon_d-2191_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Xeon D-2191 » Version: N/A
Intel » Xeon D-2187nt Firmware » Version: N/A
cpe:2.3:o:intel:xeon_d-2187nt_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Xeon D-2187nt » Version: N/A
Intel » Xeon D-2142it Firmware » Version: N/A
cpe:2.3:o:intel:xeon_d-2142it_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Xeon D-2142it » Version: N/A
Intel » Xeon D-2163it Firmware » Version: N/A
cpe:2.3:o:intel:xeon_d-2163it_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Xeon D-2163it » Version: N/A
Intel » Xeon D-2183it Firmware » Version: N/A
cpe:2.3:o:intel:xeon_d-2183it_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Xeon D-2183it » Version: N/A
Intel » Xeon D-2166nt Firmware » Version: N/A
cpe:2.3:o:intel:xeon_d-2166nt_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Xeon D-2166nt » Version: N/A
Intel » Xeon Platinum Processors Firmware » Version: N/A
cpe:2.3:o:intel:xeon_platinum_processors_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Xeon Platinum Processors » Version: N/A
Intel » Xeon Gold Processors Firmware » Version: N/A
cpe:2.3:o:intel:xeon_gold_processors_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Xeon Gold Processors » Version: N/A
Intel » Xeon Silver Processors Firmware » Version: N/A
cpe:2.3:o:intel:xeon_silver_processors_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Xeon Silver Processors » Version: N/A
Intel » Xeon Bronze Processors Firmware » Version: N/A
cpe:2.3:o:intel:xeon_bronze_processors_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Xeon Bronze Processors » Version: N/A
Intel » Server Board S2600wf Firmware » Version: N/A
cpe:2.3:o:intel:server_board_s2600wf_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Server Board S2600wf » Version: N/A
Intel » Server Board S2600bp Firmware » Version: N/A
cpe:2.3:o:intel:server_board_s2600bp_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Server Board S2600bp » Version: N/A
Intel » Server Board S2600st Firmware » Version: N/A
cpe:2.3:o:intel:server_board_s2600st_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Server Board S2600st » Version: N/A
Intel » Server Board S2600wt Firmware » Version: N/A
cpe:2.3:o:intel:server_board_s2600wt_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Server Board S2600wt » Version: N/A
Intel » Server Board S2600kp Firmware » Version: N/A
cpe:2.3:o:intel:server_board_s2600kp_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Server Board S2600kp » Version: N/A
Intel » Server Board S2600tp Firmware » Version: N/A
cpe:2.3:o:intel:server_board_s2600tp_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Server Board S2600tp » Version: N/A
Intel » Server Board S2600cw Firmware » Version: N/A
cpe:2.3:o:intel:server_board_s2600cw_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Server Board S2600cw » Version: N/A
Intel » Server Board S7200ap Firmware » Version: N/A
cpe:2.3:o:intel:server_board_s7200ap_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Server Board S7200ap » Version: N/A
Intel » Server Board S1200sp Firmware » Version: N/A
cpe:2.3:o:intel:server_board_s1200sp_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Server Board S1200sp » Version: N/A
Intel » Server System S9200wk Firmware » Version: N/A
cpe:2.3:o:intel:server_system_s9200wk_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Server System S9200wk » Version: N/A
Intel » Hns2600bpq24 Firmware » Version: N/A
cpe:2.3:o:intel:hns2600bpq24_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Hns2600bpq24 » Version: N/A
Intel » Hns2600bps Firmware » Version: N/A
cpe:2.3:o:intel:hns2600bps_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Hns2600bps » Version: N/A
Intel » Hns2600bps24 Firmware » Version: N/A
cpe:2.3:o:intel:hns2600bps24_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Hns2600bps24 » Version: N/A
Intel » Hns7200apl Firmware » Version: N/A
cpe:2.3:o:intel:hns7200apl_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Hns7200apl » Version: N/A
Intel » Hns7200aprl Firmware » Version: N/A
cpe:2.3:o:intel:hns7200aprl_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Hns7200aprl » Version: N/A
Intel » Hns2600tp Firmware » Version: N/A
cpe:2.3:o:intel:hns2600tp_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Hns2600tp » Version: N/A
Intel » Hns2600tp24r Firmware » Version: N/A
cpe:2.3:o:intel:hns2600tp24r_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Hns2600tp24r » Version: N/A
Intel » Hns2600tp24sr Firmware » Version: N/A
cpe:2.3:o:intel:hns2600tp24sr_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Hns2600tp24sr » Version: N/A
Intel » Hns2600tp24str Firmware » Version: N/A
cpe:2.3:o:intel:hns2600tp24str_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Hns2600tp24str » Version: N/A
Intel » Hns2600tpf Firmware » Version: N/A
cpe:2.3:o:intel:hns2600tpf_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Hns2600tpf » Version: N/A
Intel » Hns2600tpfr Firmware » Version: N/A
cpe:2.3:o:intel:hns2600tpfr_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Hns2600tpfr » Version: N/A
Intel » Hns2600tpnr Firmware » Version: N/A
cpe:2.3:o:intel:hns2600tpnr_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Hns2600tpnr » Version: N/A
Intel » Hns2600tpr Firmware » Version: N/A
cpe:2.3:o:intel:hns2600tpr_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Hns2600tpr » Version: N/A
Intel » Hns2600kp Firmware » Version: N/A
cpe:2.3:o:intel:hns2600kp_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Hns2600kp » Version: N/A
Intel » Hns2600kpf Firmware » Version: N/A
cpe:2.3:o:intel:hns2600kpf_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Hns2600kpf » Version: N/A
Intel » Hns2600kpfr Firmware » Version: N/A
cpe:2.3:o:intel:hns2600kpfr_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Hns2600kpfr » Version: N/A
Intel » Hns2600kpr Firmware » Version: N/A
cpe:2.3:o:intel:hns2600kpr_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Hns2600kpr » Version: N/A
Intel » Hns2600bpb24 Firmware » Version: N/A
cpe:2.3:o:intel:hns2600bpb24_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Hns2600bpb24 » Version: N/A
Intel » Hns2600bpb Firmware » Version: N/A
cpe:2.3:o:intel:hns2600bpb_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Hns2600bpb » Version: N/A
Intel » Hns2600bpblc Firmware » Version: N/A
cpe:2.3:o:intel:hns2600bpblc_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Hns2600bpblc » Version: N/A
Intel » Hns2600bpblc24 Firmware » Version: N/A
cpe:2.3:o:intel:hns2600bpblc24_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Hns2600bpblc24 » Version: N/A
Intel » Hns2600bpq Firmware » Version: N/A
cpe:2.3:o:intel:hns2600bpq_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Hns2600bpq » Version: N/A
Intel » Hns2400lp Firmware » Version: N/A
cpe:2.3:o:intel:hns2400lp_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Hns2400lp » Version: N/A
Intel » Hns2600jf Firmware » Version: N/A
cpe:2.3:o:intel:hns2600jf_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Hns2600jf » Version: N/A
Intel » Hns2600jff Firmware » Version: N/A
cpe:2.3:o:intel:hns2600jff_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Hns2600jff » Version: N/A
Intel » Hns2600jfq Firmware » Version: N/A
cpe:2.3:o:intel:hns2600jfq_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Hns2600jfq » Version: N/A
Intel » Hns2600wp Firmware » Version: N/A
cpe:2.3:o:intel:hns2600wp_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Hns2600wp » Version: N/A
Intel » Hns2600wpf Firmware » Version: N/A
cpe:2.3:o:intel:hns2600wpf_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Hns2600wpf » Version: N/A
Intel » Hns2600wpq Firmware » Version: N/A
cpe:2.3:o:intel:hns2600wpq_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Hns2600wpq » Version: N/A
Intel » Mfs2600ki Firmware » Version: N/A
cpe:2.3:o:intel:mfs2600ki_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Mfs2600ki » Version: N/A
Intel » Mfs5000si Firmware » Version: N/A
cpe:2.3:o:intel:mfs5000si_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Mfs5000si » Version: N/A
Intel » Mfs5520vir Firmware » Version: N/A
cpe:2.3:o:intel:mfs5520vir_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Mfs5520vir » Version: N/A
Intel » Xeon D-1533n Firmware » Version: N/A
cpe:2.3:o:intel:xeon_d-1533n_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Xeon D-1533n » Version: N/A
Intel » Xeon D-1513n Firmware » Version: N/A
cpe:2.3:o:intel:xeon_d-1513n_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Xeon D-1513n » Version: N/A
Intel » Xeon D-1543n Firmware » Version: N/A
cpe:2.3:o:intel:xeon_d-1543n_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Xeon D-1543n » Version: N/A
Intel » Xeon D-1523n Firmware » Version: N/A
cpe:2.3:o:intel:xeon_d-1523n_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Xeon D-1523n » Version: N/A
Intel » Xeon D-1553n Firmware » Version: N/A
cpe:2.3:o:intel:xeon_d-1553n_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Xeon D-1553n » Version: N/A
Intel » Xeon D-1539 Firmware » Version: N/A
cpe:2.3:o:intel:xeon_d-1539_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Xeon D-1539 » Version: N/A
Intel » Xeon D-1529 Firmware » Version: N/A
cpe:2.3:o:intel:xeon_d-1529_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Xeon D-1529 » Version: N/A
Intel » Xeon D-1559 Firmware » Version: N/A
cpe:2.3:o:intel:xeon_d-1559_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Xeon D-1559 » Version: N/A
Intel » Xeon D-1557 Firmware » Version: N/A
cpe:2.3:o:intel:xeon_d-1557_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Xeon D-1557 » Version: N/A
Intel » Xeon D-1567 Firmware » Version: N/A
cpe:2.3:o:intel:xeon_d-1567_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Xeon D-1567 » Version: N/A
Intel » Xeon D-1577 Firmware » Version: N/A
cpe:2.3:o:intel:xeon_d-1577_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Xeon D-1577 » Version: N/A
Intel » Xeon D-1571 Firmware » Version: N/A
cpe:2.3:o:intel:xeon_d-1571_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Xeon D-1571 » Version: N/A
Intel » Xeon D-1528 Firmware » Version: N/A
cpe:2.3:o:intel:xeon_d-1528_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Xeon D-1528 » Version: N/A
Intel » Xeon D-1541 Firmware » Version: N/A
cpe:2.3:o:intel:xeon_d-1541_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Xeon D-1541 » Version: N/A
Intel » Xeon D-1518 Firmware » Version: N/A
cpe:2.3:o:intel:xeon_d-1518_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Xeon D-1518 » Version: N/A
Intel » Xeon D-1521 Firmware » Version: N/A
cpe:2.3:o:intel:xeon_d-1521_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Xeon D-1521 » Version: N/A
Intel » Xeon D-1531 Firmware » Version: N/A
cpe:2.3:o:intel:xeon_d-1531_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Xeon D-1531 » Version: N/A
Intel » Xeon D-1548 Firmware » Version: N/A
cpe:2.3:o:intel:xeon_d-1548_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Xeon D-1548 » Version: N/A
Intel » Xeon D-1527 Firmware » Version: N/A
cpe:2.3:o:intel:xeon_d-1527_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Xeon D-1527 » Version: N/A
Intel » Xeon D-1537 Firmware » Version: N/A
cpe:2.3:o:intel:xeon_d-1537_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Xeon D-1537 » Version: N/A
Intel » Xeon D-1520 Firmware » Version: N/A
cpe:2.3:o:intel:xeon_d-1520_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Xeon D-1520 » Version: N/A
Intel » Xeon D-1540 Firmware » Version: N/A
cpe:2.3:o:intel:xeon_d-1540_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Intel » Xeon D-1540 » Version: N/A

Vulnerability Details : CVE-2019-0119

Exploit prediction scoring system (EPSS) score for CVE-2019-0119

CVSS scores for CVE-2019-0119

CWE ids for CVE-2019-0119

References for CVE-2019-0119

Products affected by CVE-2019-0119