CVE-2019-14815

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2019-14815
A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver.

7.8 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

7.2 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
https://access.redhat.com/errata/RHSA-2020:0174 Third Party Advisory
https://access.redhat.com/errata/RHSA-2020:0328 Third Party Advisory
https://access.redhat.com/errata/RHSA-2020:0339 Third Party Advisory
https://access.redhat.com/security/cve/cve-2019-14815 Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14815 Issue Tracking Third Party Advisory
https://github.com/torvalds/linux/commit/7caac62ed598a196d6ddf8d9c121e12e082cac3a Issue Tracking Third Party Advisory
https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html Mailing List Third Party Advisory
https://lore.kernel.org/linux-wireless/20190828020751.13625-1-huangwenabc%40gmail.com Issue Tracking Mailing List Patch Vendor Advisory
https://security.netapp.com/advisory/ntap-20200103-0001/ Mailing List Patch Third Party Advisory
https://www.openwall.com/lists/oss-security/2019/08/28/1 Mailing List Patch Third Party Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:redhat:codeready_linux_builder_eus:8.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_eus:8.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_eus:8.4:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_eus:8.6:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:8.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:8.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:8.4:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_\(structure_a\):7_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.1:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_real_time:8:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:8:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:a:netapp:altavault:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:steelstore:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:*
History

13 Jul 2023, 13:33

Type Values Removed Values Added
First Time Redhat enterprise Linux For Real Time
Redhat codeready Linux Builder For Power Little Endian Eus
Netapp altavault
Netapp solidfire
Redhat codeready Linux Builder Eus
Netapp solidfire Baseboard Management Controller Firmware
Redhat enterprise Linux For Ibm Z Systems \(structure A\)
Netapp baseboard Management Controller
Redhat enterprise Linux Server Tus
Netapp
Redhat enterprise Linux For Real Time For Nfv
Redhat enterprise Linux For Real Time Tus
Netapp hci
Netapp steelstore
Redhat enterprise Linux For Ibm Z Systems Eus
Redhat enterprise Linux Server Aus
Redhat enterprise Linux For Real Time For Nfv Tus
CPE cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.4:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller:-:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.1:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:8:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.6:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_eus:8.4:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:8.4:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:8.6:*:*:*:*:*:*:*
cpe:2.3:a:netapp:altavault:-:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_\(structure_a\):7_s390x:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:8.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_eus:8.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_eus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_real_time:8:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
cpe:2.3:a:netapp:steelstore:-:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.4:*:*:*:*:*:*:*
cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_eus:8.2:*:*:*:*:*:*:*
References (MISC) https://lore.kernel.org/linux-wireless/20190828020751.13625-1-huangwenabc%40gmail.com - (MISC) https://lore.kernel.org/linux-wireless/20190828020751.13625-1-huangwenabc%40gmail.com - Issue Tracking, Mailing List, Patch, Vendor Advisory
References (CONFIRM) https://security.netapp.com/advisory/ntap-20200103-0001/ - (CONFIRM) https://security.netapp.com/advisory/ntap-20200103-0001/ - Mailing List, Patch, Third Party Advisory
References (REDHAT) https://access.redhat.com/errata/RHSA-2020:0174 - (REDHAT) https://access.redhat.com/errata/RHSA-2020:0174 - Third Party Advisory
References (MLIST) https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html - (MLIST) https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html - Mailing List, Third Party Advisory
References (MISC) https://github.com/torvalds/linux/commit/7caac62ed598a196d6ddf8d9c121e12e082cac3a - (MISC) https://github.com/torvalds/linux/commit/7caac62ed598a196d6ddf8d9c121e12e082cac3a - Issue Tracking, Third Party Advisory
References (REDHAT) https://access.redhat.com/errata/RHSA-2020:0339 - (REDHAT) https://access.redhat.com/errata/RHSA-2020:0339 - Third Party Advisory
References (REDHAT) https://access.redhat.com/errata/RHSA-2020:0328 - (REDHAT) https://access.redhat.com/errata/RHSA-2020:0328 - Third Party Advisory
References (MISC) https://access.redhat.com/security/cve/cve-2019-14815 - (MISC) https://access.redhat.com/security/cve/cve-2019-14815 - Third Party Advisory

12 Feb 2023, 23:34

Type Values Removed Values Added
Summary A vulnerability found in the Linux kernel's WMM implementation for Marvell WiFi-based hardware (mwifiex) could lead to a denial of service or allow arbitrary code execution. For this flaw to be executed, the attacker must be both local and privileged. There is no mitigation to this flaw. A patch has been provided to remediate this flaw. A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver.
CWE CWE-787 CWE-122
References
  • {'url': 'https://bugzilla.redhat.com/show_bug.cgi?id=1744137', 'name': 'https://bugzilla.redhat.com/show_bug.cgi?id=1744137', 'tags': [], 'refsource': 'MISC'}
  • {'url': 'https://access.redhat.com/errata/RHSA-2020:1016', 'name': 'https://access.redhat.com/errata/RHSA-2020:1016', 'tags': [], 'refsource': 'MISC'}
  • {'url': 'https://access.redhat.com/security/cve/CVE-2019-14815', 'name': 'https://access.redhat.com/security/cve/CVE-2019-14815', 'tags': [], 'refsource': 'MISC'}
  • {'url': 'https://access.redhat.com/errata/RHSA-2020:1070', 'name': 'https://access.redhat.com/errata/RHSA-2020:1070', 'tags': [], 'refsource': 'MISC'}

02 Feb 2023, 16:18

Type Values Removed Values Added
Summary A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver. A vulnerability found in the Linux kernel's WMM implementation for Marvell WiFi-based hardware (mwifiex) could lead to a denial of service or allow arbitrary code execution. For this flaw to be executed, the attacker must be both local and privileged. There is no mitigation to this flaw. A patch has been provided to remediate this flaw.
References
  • {'url': 'https://lore.kernel.org/linux-wireless/20190828020751.13625-1-huangwenabc@gmail.com', 'name': 'https://lore.kernel.org/linux-wireless/20190828020751.13625-1-huangwenabc@gmail.com', 'tags': ['Patch', 'Third Party Advisory'], 'refsource': 'MISC'}
  • (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=1744137 -
  • (MISC) https://lore.kernel.org/linux-wireless/20190828020751.13625-1-huangwenabc%40gmail.com -
  • (MISC) https://access.redhat.com/errata/RHSA-2020:1070 -
  • (MISC) https://access.redhat.com/errata/RHSA-2020:1016 -
  • (MISC) https://access.redhat.com/security/cve/CVE-2019-14815 -
Information

Published : 2019-11-25 11:15

Updated : 2023-12-10 13:13

NVD link : CVE-2019-14815

Mitre link : CVE-2019-14815

CVE.ORG link : CVE-2019-14815

JSON object : View

Products Affected

redhat

  • codeready_linux_builder_eus
  • enterprise_linux
  • enterprise_linux_server_tus
  • enterprise_linux_for_real_time
  • enterprise_linux_for_ibm_z_systems_\(structure_a\)
  • enterprise_linux_for_ibm_z_systems_eus
  • enterprise_linux_for_real_time_for_nfv_tus
  • codeready_linux_builder_for_power_little_endian_eus
  • enterprise_linux_for_real_time_tus
  • enterprise_linux_server_aus
  • enterprise_linux_for_real_time_for_nfv

netapp

  • steelstore
  • altavault
  • baseboard_management_controller
  • solidfire
  • solidfire_baseboard_management_controller_firmware
  • hci

linux

  • linux_kernel
CWE
CWE-122

Heap-based Buffer Overflow

CWE-787

Out-of-bounds Write