A heap overflow flaw was found in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The vulnerability allows a remote attacker to cause a system crash, resulting in a denial of service, or execute arbitrary code. The highest threat with this vulnerability is with the availability of the system. If code execution occurs, the code will run with the permissions of root. This will affect both confidentiality and integrity of files on the system.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
History
12 Feb 2023, 23:37
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | A heap overflow flaw was found in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The vulnerability allows a remote attacker to cause a system crash, resulting in a denial of service, or execute arbitrary code. The highest threat with this vulnerability is with the availability of the system. If code execution occurs, the code will run with the permissions of root. This will affect both confidentiality and integrity of files on the system. | |
CWE | CWE-400 CWE-122 |
02 Feb 2023, 21:18
Type | Values Removed | Values Added |
---|---|---|
Summary | A heap overflow flaw was found in the Linux kernel's Marvell WiFi chip driver. The vulnerability allows a remote attacker to cause a system crash, resulting in a denial of service, or execute arbitrary code. The highest threat with this vulnerability is with the availability of the system. If code execution occurs, the code will run with the permissions of root. This will affect both confidentiality and integrity of files on the system. | |
References |
|
|
19 Jan 2023, 16:14
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:* cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:* cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:* cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:* |
|
First Time |
Debian
Canonical Canonical ubuntu Linux Debian debian Linux |
|
References | (UBUNTU) https://usn.ubuntu.com/4228-1/ - Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2020:0204 - Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2020:0374 - Third Party Advisory | |
References | (UBUNTU) https://usn.ubuntu.com/4227-1/ - Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2020:0375 - Third Party Advisory | |
References | (UBUNTU) https://usn.ubuntu.com/4225-1/ - Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2020:0339 - Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2020:0328 - Third Party Advisory | |
References | (MISC) http://packetstormsecurity.com/files/155879/Kernel-Live-Patch-Security-Notice-LSN-0061-1.html - Third Party Advisory, VDB Entry | |
References | (UBUNTU) https://usn.ubuntu.com/4225-2/ - Third Party Advisory | |
References | (UBUNTU) https://usn.ubuntu.com/4226-1/ - Third Party Advisory | |
References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html - Mailing List, Third Party Advisory | |
References | (MISC) http://packetstormsecurity.com/files/156185/Kernel-Live-Patch-Security-Notice-LSN-0062-1.html - Third Party Advisory, VDB Entry | |
References | (UBUNTU) https://usn.ubuntu.com/4227-2/ - Third Party Advisory | |
References | (UBUNTU) https://usn.ubuntu.com/4228-2/ - Third Party Advisory | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html - Third Party Advisory | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html - Third Party Advisory |
Information
Published : 2019-11-29 15:15
Updated : 2023-12-10 13:13
NVD link : CVE-2019-14901
Mitre link : CVE-2019-14901
CVE.ORG link : CVE-2019-14901
JSON object : View
Products Affected
fedoraproject
- fedora
linux
- linux_kernel
debian
- debian_linux
canonical
- ubuntu_linux