PT-2019-2952 · Linux+5 · Linux Kernel+5

Huangwen

·

Publicado

2019-05-30

·

Atualizado

2024-06-15

·

CVE-2019-3846

CVSS v3.1

8.8

Alta

VetorAV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The issue is caused by a buffer overflow in the mwifiex update bss desc with ie function in the Linux kernel, specifically in the marvell/mwifiex/scan.c file. This can be exploited by a remote attacker to potentially escalate privileges, cause a denial of service, or execute arbitrary code. The vulnerability can be triggered when connecting to a malicious wireless network.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Buffer Overflow

Memory Corruption

Heap Based Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119CWE-787CWE-122

Identificadores relacionados

ALT-PU-2019-2273
ALT-PU-2019-2274
ALT-PU-2019-2275
ALT-PU-2019-2276
ALT-PU-2019-2296
ALT-PU-2019-2314
ALT-PU-2019-2339
ALT-PU-2019-2481
ALT-PU-2019-2746
ALT-PU-2020-1070
BDU:2019-02927
CESA-2019_2703
CESA-2019_2741
CESA-2019_3055
CVE-2019-3846
DLA-1823-1
DLA-1824-1
DSA-4465-1
MGASA-2019-0221
OPENSUSE-SU-2019:1571-1
OPENSUSE-SU-2019:1579-1
OPENSUSE-SU-2019_1570-1
OPENSUSE-SU-2019_1571-1
OPENSUSE-SU-2019_1579-1
OPENSUSE-SU-2024:10728-1
OPENSUSE-SU-2024:13704-1
RHSA-2019:2703
RHSA-2019:2741
RHSA-2019:3055
RHSA-2019:3076
RHSA-2019:3089
RHSA-2019_2703
RHSA-2019_2741
RHSA-2019_3055
RHSA-2019_3089
RHSA-2020:0174
RHSA-2020:2289
SUSE-SU-2019:14127-1
SUSE-SU-2019:1527-1
SUSE-SU-2019:1529-1
SUSE-SU-2019:1530-1
SUSE-SU-2019:1532-1
SUSE-SU-2019:1533-1
SUSE-SU-2019:1534-1
SUSE-SU-2019:1535-1
SUSE-SU-2019:1536-1
SUSE-SU-2019:1550-1
SUSE-SU-2019:1581-1
SUSE-SU-2019:1588-1
SUSE-SU-2019:1668-1
SUSE-SU-2019:1671-1
SUSE-SU-2019:1674-1
SUSE-SU-2019:1692-1
SUSE-SU-2019:1765-1
SUSE-SU-2019:1882-1
SUSE-SU-2019:1948-1
SUSE-SU-2019:2430-1
SUSE-SU-2019:2450-1
SUSE-SU-2019:2821-1
SUSE-SU-2019_14127-1
USN-4093-1
USN-4094-1
USN-4095-1
USN-4095-2
USN-4117-1
USN-4118-1

Produtos afetados

Alt Linux
Centos
Linux Kernel
Red Hat
Suse
Ubuntu