PT-2019-5510 · Linux+5 · Linux Kernel+5

Huangwen

·

Published

2019-08-28

·

Updated

2024-06-15

·

CVE-2019-14814

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.3
Description The issue is related to a heap-based buffer overflow in the Marvell Wi-Fi chip driver of the Linux kernel. This overflow is associated with errors in the mwifiex set uap rates() function. Exploitation of this issue can allow an attacker to cause a denial of service, potentially leading to a system crash, or possibly execute arbitrary code. The estimated number of potentially affected devices and details about real-world incidents where this issue was exploited are not provided.
Recommendations For Linux kernel versions prior to 5.3, update to version 5.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the mwifiex set uap rates() function until a patch is available.

Exploit

Fix

DoS

Memory Corruption

Heap Based Buffer Overflow

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-787CWE-122CWE-120

Related Identifiers

ALT-PU-2019-2762
ALT-PU-2019-2763
ALT-PU-2019-2764
ALT-PU-2019-2768
ALT-PU-2019-2838
ALT-PU-2019-2842
ALT-PU-2019-2890
ALT-PU-2019-2891
ALT-PU-2020-1025
ALT-PU-2020-1070
ALT-PU-2020-1198
ALT-PU-2020-1501
ALT-PU-2020-1714
ALT-PU-2020-2410
ALT-PU-2020-2433
ALT-PU-2021-1870
BDU:2020-03328
CESA-2020_0328
CESA-2020_0339
CESA-2020_1016
CVE-2019-14814
DLA-1930-1
DLA-2114-1
ELSA-2020-0339
ELSA-2020-5670
ELSA-2020-5676
MGASA-2019-0287
MGASA-2019-0288
MGASA-2019-0333
OPENSUSE-SU-2019:2173-1
OPENSUSE-SU-2019:2181-1
OPENSUSE-SU-2019_2173-1
OPENSUSE-SU-2019_2181-1
OPENSUSE-SU-2024:10728-1
OPENSUSE-SU-2024:13704-1
RHSA-2020:0174
RHSA-2020:0328
RHSA-2020:0339
RHSA-2020:1016
RHSA-2020_0328
RHSA-2020_0339
RHSA-2020_1016
SUSE-SU-2019:2412-1
SUSE-SU-2019:2414-1
SUSE-SU-2019:2424-1
SUSE-SU-2019:2648-1
SUSE-SU-2019:2651-1
SUSE-SU-2019:2658-1
SUSE-SU-2019:2738-1
SUSE-SU-2019:2756-1
SUSE-SU-2019:2949-1
SUSE-SU-2019:2950-1
SUSE-SU-2019:2984-1
SUSE-SU-2019_2412-1
SUSE-SU-2019_2414-1
SUSE-SU-2019_2424-1
SUSE-SU-2019_2648-1
SUSE-SU-2019_2651-1
SUSE-SU-2019_2658-1
SUSE-SU-2019_2738-1
SUSE-SU-2019_2949-1
SUSE-SU-2019_2950-1
SUSE-SU-2019_2984-1
SUSE-SU-2020:2491-1
SUSE-SU-2020_2491-1
USN-4157-1
USN-4157-2
USN-4162-1
USN-4162-2
USN-4163-1
USN-4163-2

Affected Products

Alt Linux
Centos
Linux Kernel
Red Hat
Suse
Ubuntu