PT-2019-4192 · Linux+5 · Linux Kernel+5
Dhananjay Arunesh
+2
·
Publicado
2019-11-22
·
Atualizado
2023-02-12
·
CVE-2019-14901
CVSS v2.0
10
Crítica
| Vetor | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Linux kernel versions 3.x.x and 4.x.x before 4.18.0
Description
The issue is related to a heap overflow flaw in the Marvell WiFi chip driver of the Linux kernel. This flaw allows a remote attacker to cause a system crash, resulting in a denial of service, or execute arbitrary code with root permissions, affecting the confidentiality and integrity of files on the system.
Recommendations
For Linux kernel versions 3.x.x and 4.x.x before 4.18.0, update to version 4.18.0 or later to resolve the issue.
As a temporary workaround, consider restricting access to the Marvell WiFi chip driver to minimize the risk of exploitation.
Exploit
Correção
DoS
Resource Exhaustion
Memory Corruption
Heap Based Buffer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Alt Linux
Centos
Linux Kernel
Red Hat
Suse
Ubuntu