Description
A heap-based buffer overflow vulnerability was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. A remote attacker could cause a denial of service (system crash) or, possibly execute arbitrary code, when the lbs_ibss_join_existing function is called after a STA connects to an AP.
CVSS breakdown
CVSS 3.0
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Affected products
- Red Hat / kernelkernel-2.6.32 – kernel-2.6.32
References
- MISChttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14896
- MAILING_LISThttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MN6MLCN7G7VFTSXSZYXKXEFCUMFBUAXQ/
- MAILING_LISThttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D4ISVNIC44SOGXTUBCIZFSUNQJ5LRKNZ/
- MISChttps://security.netapp.com/advisory/ntap-20200103-0001/
- VENDOR_ADVISORYhttps://usn.ubuntu.com/4228-1/
- VENDOR_ADVISORYhttps://usn.ubuntu.com/4227-1/
- VENDOR_ADVISORYhttps://usn.ubuntu.com/4226-1/
- VENDOR_ADVISORYhttps://usn.ubuntu.com/4225-1/
- VENDOR_ADVISORYhttps://usn.ubuntu.com/4228-2/
- VENDOR_ADVISORYhttps://usn.ubuntu.com/4227-2/
- EXPLOIThttp://packetstormsecurity.com/files/155879/Kernel-Live-Patch-Security-Notice-LSN-0061-1.html
- MAILING_LISThttps://lists.debian.org/debian-lts-announce/2020/01/msg00013.html
- VENDOR_ADVISORYhttps://usn.ubuntu.com/4225-2/
- EXPLOIThttp://packetstormsecurity.com/files/156185/Kernel-Live-Patch-Security-Notice-LSN-0062-1.html
- MAILING_LISThttps://lists.debian.org/debian-lts-announce/2020/03/msg00001.html
- MAILING_LISThttp://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html