ID CVE-2019-14896
Summary A heap-based buffer overflow vulnerability was found in the Linux kernel, version kernel-2.6.32, in the Marvell WiFi chip driver. A remote attacker could cause a denial of service (system crash) or possibly execute arbitrary code when the lbs_ibss_join_existing function is called after a STA connects to an AP.
References
Vulnerable Configurations
  • cpe:2.3:o:linux:linux_kernel:2.6.32:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
CVSS
Base: 10.0 (as of 03-01-2020 - 11:15)
Impact:
Exploitability:
CWE CWE-787
CAPEC
Access
Vector NETWORK
Complexity LOW
Authentication NONE
Impact
Confidentiality COMPLETE
Integrity COMPLETE
Availability COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:C/I:C/A:C
redhat via4
advisories
bugzilla
id 1774875
title CVE-2019-14896 kernel: heap-based buffer overflow in lbs_ibss_join_existing function in drivers/net/wireless/marvell/libertas/cfg.c
oval
OR
  • comment Red Hat Enterprise Linux must be installed
    oval oval:com.redhat.rhba:tst:20070304026
  • AND
    • comment Red Hat Enterprise Linux 6 is installed
      oval oval:com.redhat.rhba:tst:20111656003
    • OR
      • comment kernel earlier than 0:2.6.32-754.33.1.el6 is currently running
        oval oval:com.redhat.rhsa:tst:20203548027
      • comment kernel earlier than 0:2.6.32-754.33.1.el6 is set to boot up on next boot
        oval oval:com.redhat.rhsa:tst:20203548028
    • OR
      • AND
        • comment kernel is earlier than 0:2.6.32-754.33.1.el6
          oval oval:com.redhat.rhsa:tst:20203548001
        • comment kernel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100842002
      • AND
        • comment kernel-abi-whitelists is earlier than 0:2.6.32-754.33.1.el6
          oval oval:com.redhat.rhsa:tst:20203548003
        • comment kernel-abi-whitelists is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20131645004
      • AND
        • comment kernel-bootwrapper is earlier than 0:2.6.32-754.33.1.el6
          oval oval:com.redhat.rhsa:tst:20203548005
        • comment kernel-bootwrapper is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100842004
      • AND
        • comment kernel-debug is earlier than 0:2.6.32-754.33.1.el6
          oval oval:com.redhat.rhsa:tst:20203548007
        • comment kernel-debug is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100842006
      • AND
        • comment kernel-debug-devel is earlier than 0:2.6.32-754.33.1.el6
          oval oval:com.redhat.rhsa:tst:20203548009
        • comment kernel-debug-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100842008
      • AND
        • comment kernel-devel is earlier than 0:2.6.32-754.33.1.el6
          oval oval:com.redhat.rhsa:tst:20203548011
        • comment kernel-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100842010
      • AND
        • comment kernel-doc is earlier than 0:2.6.32-754.33.1.el6
          oval oval:com.redhat.rhsa:tst:20203548013
        • comment kernel-doc is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100842012
      • AND
        • comment kernel-firmware is earlier than 0:2.6.32-754.33.1.el6
          oval oval:com.redhat.rhsa:tst:20203548015
        • comment kernel-firmware is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100842014
      • AND
        • comment kernel-headers is earlier than 0:2.6.32-754.33.1.el6
          oval oval:com.redhat.rhsa:tst:20203548017
        • comment kernel-headers is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100842016
      • AND
        • comment kernel-kdump is earlier than 0:2.6.32-754.33.1.el6
          oval oval:com.redhat.rhsa:tst:20203548019
        • comment kernel-kdump is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100842018
      • AND
        • comment kernel-kdump-devel is earlier than 0:2.6.32-754.33.1.el6
          oval oval:com.redhat.rhsa:tst:20203548021
        • comment kernel-kdump-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100842020
      • AND
        • comment perf is earlier than 0:2.6.32-754.33.1.el6
          oval oval:com.redhat.rhsa:tst:20203548023
        • comment perf is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100842022
      • AND
        • comment python-perf is earlier than 0:2.6.32-754.33.1.el6
          oval oval:com.redhat.rhsa:tst:20203548025
        • comment python-perf is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20111530024
rhsa
id RHSA-2020:3548
released 2020-08-25
severity Important
title RHSA-2020:3548: kernel security and bug fix update (Important)
rpms
  • kernel-0:2.6.32-754.33.1.el6
  • kernel-abi-whitelists-0:2.6.32-754.33.1.el6
  • kernel-bootwrapper-0:2.6.32-754.33.1.el6
  • kernel-debug-0:2.6.32-754.33.1.el6
  • kernel-debug-debuginfo-0:2.6.32-754.33.1.el6
  • kernel-debug-devel-0:2.6.32-754.33.1.el6
  • kernel-debuginfo-0:2.6.32-754.33.1.el6
  • kernel-debuginfo-common-i686-0:2.6.32-754.33.1.el6
  • kernel-debuginfo-common-ppc64-0:2.6.32-754.33.1.el6
  • kernel-debuginfo-common-s390x-0:2.6.32-754.33.1.el6
  • kernel-debuginfo-common-x86_64-0:2.6.32-754.33.1.el6
  • kernel-devel-0:2.6.32-754.33.1.el6
  • kernel-doc-0:2.6.32-754.33.1.el6
  • kernel-firmware-0:2.6.32-754.33.1.el6
  • kernel-headers-0:2.6.32-754.33.1.el6
  • kernel-kdump-0:2.6.32-754.33.1.el6
  • kernel-kdump-debuginfo-0:2.6.32-754.33.1.el6
  • kernel-kdump-devel-0:2.6.32-754.33.1.el6
  • perf-0:2.6.32-754.33.1.el6
  • perf-debuginfo-0:2.6.32-754.33.1.el6
  • python-perf-0:2.6.32-754.33.1.el6
  • python-perf-debuginfo-0:2.6.32-754.33.1.el6
refmap via4
confirm
fedora
  • FEDORA-2019-8846a1a5a2
  • FEDORA-2019-91f6e7bb71
misc
mlist
  • [debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update
  • [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
suse openSUSE-SU-2020:0336
ubuntu
  • USN-4225-1
  • USN-4225-2
  • USN-4226-1
  • USN-4227-1
  • USN-4227-2
  • USN-4228-1
  • USN-4228-2
Last major update 03-01-2020 - 11:15
Published 27-11-2019 - 09:15
Last modified 03-01-2020 - 11:15