PT-2020-3069 · Linux+4 · Linux Kernel+4

Published

2020-01-27

·

Updated

2022-04-26

·

CVE-2020-12653

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.5.4
Description The issue is related to the mwifiex cmd append vsie tlv() function in the Marvell WiFi driver of the Linux kernel, which allows local users to gain privileges or cause a denial of service due to an incorrect memcpy and buffer overflow. This is caused by improper input validation.
Recommendations For versions prior to 5.5.4, update to version 5.5.4 or later to resolve the issue. As a temporary workaround, consider disabling the mwifiex cmd append vsie tlv() function until a patch is available.

Fix

DoS

Improper Privilege Management

Memory Corruption

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-269CWE-787CWE-120

Related Identifiers

ALT-PU-2020-1251
ALT-PU-2020-1316
ALT-PU-2020-1421
ALT-PU-2020-1450
ALT-PU-2020-1714
ALT-PU-2020-2164
ALT-PU-2021-1621
ALT-PU-2021-1656
ALT-PU-2021-1739
ALT-PU-2021-1862
ALT-PU-2021-1866
ALT-PU-2021-1870
BDU:2020-03360
CESA-2020_3010
CESA-2020_3016
CESA-2020_3220
CVE-2020-12653
DLA-2241-1
DLA-2241-2
DLA-2242-1
DSA-4698-1
OPENSUSE-SU-2020:0801-1
OPENSUSE-SU-2020_0801-1
RHSA-2020:2832
RHSA-2020:3010
RHSA-2020:3016
RHSA-2020:3041
RHSA-2020:3220
RHSA-2020:3221
RHSA-2020:3222
RHSA-2020:3224
RHSA-2020:3226
RHSA-2020:3232
RHSA-2020:3389
RHSA-2020:3432
RHSA-2020_3010
RHSA-2020_3016
RHSA-2020_3220
RHSA-2020_3221
SUSE-SU-2020:14393-1
SUSE-SU-2020:1452-1
SUSE-SU-2020:1475-1
SUSE-SU-2020:1486-1
SUSE-SU-2020:1587-1
SUSE-SU-2020:1596-1
SUSE-SU-2020:1597-1
SUSE-SU-2020:1599-1
SUSE-SU-2020:1602-1
SUSE-SU-2020:1603-1
SUSE-SU-2020:1604-1
SUSE-SU-2020:1605-1
SUSE-SU-2020:1663-1
SUSE-SU-2020:1779-1
SUSE-SU-2020:2156-1
SUSE-SU-2020:2478-1
SUSE-SU-2020:2487-1
SUSE-SU-2020_1452-1
SUSE-SU-2020_1475-1
SUSE-SU-2020_1486-1
SUSE-SU-2020_1587-1
SUSE-SU-2020_1596-1
SUSE-SU-2020_1597-1
SUSE-SU-2020_1599-1
SUSE-SU-2020_1602-1
SUSE-SU-2020_1603-1
SUSE-SU-2020_1604-1
SUSE-SU-2020_1605-1
SUSE-SU-2020_1663-1

Affected Products

Alt Linux
Centos
Linux Kernel
Red Hat
Suse