Bug 1773519 (CVE-2019-14901)
Summary: | CVE-2019-14901 kernel: heap overflow in marvell/mwifiex/tdls.c | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Dhananjay Arunesh <darunesh> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | high | Docs Contact: | |
Priority: | high | ||
Version: | unspecified | CC: | acaringi, airlied, asavkov, bdettelb, bhu, blc, brdeoliv, bskeggs, dhoward, dvlasenk, esammons, fhrbata, hdegoede, hkrzesin, iboverma, ichavero, itamar, jarodwilson, jeremy, jforbes, jglisse, jlelli, joe.lawrence, john.j5live, jonathan, josef, jpoimboe, jross, jschorr, jshortt, jstancek, jthierry, jwboyer, kernel-maint, kernel-mgr, labbott, lgoncalv, linville, masami256, matt, mchehab, mcressma, mjg59, mlangsdo, msiddiqu, nmurray, plougher, qzhao, rhandlin, rt-maint, rvrbovsk, security-response-team, steved, williams, ycote, yozone |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: |
A heap overflow flaw was found in the Linux kernel's Marvell WiFi chip driver. The vulnerability allows a remote attacker to cause a system crash, resulting in a denial of service, or execute arbitrary code. The highest threat with this vulnerability is with the availability of the system. If code execution occurs, the code will run with the permissions of root. This will affect both confidentiality and integrity of files on the system.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2020-01-23 02:10:02 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1776156, 1776157, 1776158, 1776159, 1776160, 1776161, 1776162, 1776163, 1776165, 1776166, 1776167, 1776168, 1776169, 1776170, 1776171, 1776172, 1776173, 1776174, 1776175, 1776176, 1776184 | ||
Bug Blocks: | 1773521 |
Description
Dhananjay Arunesh
2019-11-18 10:48:37 UTC
Proposed patch: https://patchwork.kernel.org/patch/11257535/ Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1776184] Acknowledgments: Name: Huangwen and Wang Qize (ADLab of VenusTech) This issue has been addressed in the following products: Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions Via RHSA-2020:0204 https://access.redhat.com/errata/RHSA-2020:0204 This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2019-14901 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2020:0328 https://access.redhat.com/errata/RHSA-2020:0328 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2020:0339 https://access.redhat.com/errata/RHSA-2020:0339 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2020:0374 https://access.redhat.com/errata/RHSA-2020:0374 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2020:0375 https://access.redhat.com/errata/RHSA-2020:0375 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2020:1493 https://access.redhat.com/errata/RHSA-2020:1493 |