PT-2020-3070 · Linux+5 · Linux Kernel+5

Published: 2020-01-27 · Updated: 2021-05-28 · CVE-2020-12654

CVSS v3.1: 7.1 (High)

Vector: AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.5.4
Description: The issue is related to the mwifiex_ret_wmm_get_status() function in the Marvell WiFi driver of the Linux kernel, which allows a remote AP to trigger a heap-based buffer overflow due to an incorrect memcpy. This can lead to a denial of service.
Recommendations: For Linux kernel versions prior to 5.5.4, update to version 5.5.4 or later to resolve the issue. As a temporary workaround, consider disabling the mwifiex_ret_wmm_get_status() function until a patch is available. Restrict access to the vulnerable Marvell WiFi driver to minimize the risk of exploitation.
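
The bug class named in the description, a memcpy whose size comes from a length byte supplied by the peer, shown as a simplified user-space model beside a bounds-checked form. This is an added example, not the mwifiex driver's code or the upstream patch; the struct, the function names, the 26-byte destination size and the sample elements are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define IE_HDR_LEN 2   /* element id byte + length byte */
#define WMM_IE_MAX 26  /* assumed size of the stored element (hypothetical) */

/* Hypothetical per-connection state; guard stands in for adjacent heap data. */
struct bss_state { uint8_t wmm_ie[WMM_IE_MAX]; uint8_t guard; };

/* Constructed sample elements (not captured traffic). */
static const uint8_t good_ie[26]       = { 0xdd, 0x18, 0x00, 0x50, 0xf2, 0x02, 0x01 };
static const uint8_t oversized_ie[257] = { 0xdd, 0xff, 0x00, 0x50, 0xf2, 0x02, 0x01 };
static const uint8_t truncated_ie[4]   = { 0xdd, 0x18, 0x00, 0x50 };

/* Unsafe pattern: the copy size is the peer-supplied length byte. Anything
 * longer than WMM_IE_MAX is written past wmm_ie into neighbouring memory. */
static void store_wmm_ie_unchecked(struct bss_state *bss, const uint8_t *ie)
{
    memcpy(bss->wmm_ie, ie, (size_t)ie[1] + IE_HDR_LEN);
}

/* Hardened form: returns 0 when stored, -1 when the element is rejected. */
static int store_wmm_ie_checked(struct bss_state *bss, const uint8_t *ie, size_t avail)
{
    size_t total;
    if (avail < IE_HDR_LEN)
        return -1;                      /* no complete header */
    total = (size_t)ie[1] + IE_HDR_LEN;
    if (total > avail)
        return -1;                      /* header claims more than was received */
    if (total > sizeof(bss->wmm_ie))
        return -1;                      /* would overflow the destination */
    memcpy(bss->wmm_ie, ie, total);
    return 0;
}

int main(void)
{
    struct bss_state bss = { .guard = 0xA5 };
    store_wmm_ie_unchecked(&bss, good_ie);   /* safe only because input is well-formed */
    printf("good=%d oversized=%d truncated=%d guard=0x%02x\n",
           store_wmm_ie_checked(&bss, good_ie, sizeof(good_ie)),
           store_wmm_ie_checked(&bss, oversized_ie, sizeof(oversized_ie)),
           store_wmm_ie_checked(&bss, truncated_ie, sizeof(truncated_ie)),
           bss.guard);
    return 0;
}
```

The checked form rejects both an element larger than the destination and one whose header claims more bytes than were actually received, so the guard byte after the buffer is never touched.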

Fix

Memory Corruption

Heap Based Buffer Overflow


Weakness Enumeration

Related Identifiers

ALT-PU-2020-1251
ALT-PU-2020-1316
ALT-PU-2020-1421
ALT-PU-2020-1450
ALT-PU-2020-1714
ALT-PU-2020-2164
ALT-PU-2021-1621
ALT-PU-2021-1656
ALT-PU-2021-1739
ALT-PU-2021-1862
ALT-PU-2021-1866
ALT-PU-2021-1870
BDU:2020-03361
CESA-2020_3010
CESA-2020_3016
CESA-2020_3220
CVE-2020-12654
DLA-2241-1
DLA-2241-2
DLA-2242-1
DSA-4698-1
OPENSUSE-SU-2020:0801-1
OPENSUSE-SU-2020_0801-1
RHSA-2020:2832
RHSA-2020:3010
RHSA-2020:3016
RHSA-2020:3041
RHSA-2020:3220
RHSA-2020:3221
RHSA-2020:3222
RHSA-2020:3224
RHSA-2020:3226
RHSA-2020:3232
RHSA-2020:3389
RHSA-2020:3432
RHSA-2020_3010
RHSA-2020_3016
RHSA-2020_3220
RHSA-2020_3221
SUSE-SU-2020:14393-1
SUSE-SU-2020:1452-1
SUSE-SU-2020:1475-1
SUSE-SU-2020:1486-1
SUSE-SU-2020:1587-1
SUSE-SU-2020:1596-1
SUSE-SU-2020:1597-1
SUSE-SU-2020:1599-1
SUSE-SU-2020:1602-1
SUSE-SU-2020:1603-1
SUSE-SU-2020:1604-1
SUSE-SU-2020:1605-1
SUSE-SU-2020:1663-1
SUSE-SU-2020:1779-1
SUSE-SU-2020:2156-1
SUSE-SU-2020:2478-1
SUSE-SU-2020:2487-1
SUSE-SU-2020_1475-1
SUSE-SU-2020_1486-1
SUSE-SU-2020_1587-1
SUSE-SU-2020_1596-1
SUSE-SU-2020_1597-1
SUSE-SU-2020_1599-1
SUSE-SU-2020_1602-1
SUSE-SU-2020_1603-1
SUSE-SU-2020_1604-1
SUSE-SU-2020_1605-1
SUSE-SU-2020_1663-1
USN-4392-1
USN-4393-1

Affected Products

Alt Linux
CentOS
Linux Kernel
Red Hat
SUSE
Ubuntu