Bug 1775097 (CVE-2019-19056) - CVE-2019-19056 kernel: A memory leak in the mwifiex_pcie_alloc_cmdrsp_buf() function in drivers/net/wireless/marvell/mwifiex/pcie.c allows to cause DoS
Summary: CVE-2019-19056 kernel: A memory leak in the mwifiex_pcie_alloc_cmdrsp_buf() f...
Keywords:
Status: NEW
Alias: CVE-2019-19056
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1829227 1829228 1829230 1829231 1775115 1829229
Blocks: 1775108
TreeView+ depends on / blocked
 
Reported: 2019-11-21 12:10 UTC by msiddiqu
Modified: 2020-05-05 14:22 UTC (History)
48 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in the way the mwifiex PCIE driver in the Linux kernel handled resource cleanup on a DMA mapping error. This flaw allows an attacker able to trigger the DMA mapping error to crash the system.
Clone Of:
Environment:
Last Closed:


Attachments (Terms of Use)

Description msiddiqu 2019-11-21 12:10:30 UTC
A memory leak in the mwifiex_pcie_alloc_cmdrsp_buf() function indrivers/net/wireless/marvell/mwifiex/pcie.c allows attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures

Upstream commit:

https://github.com/torvalds/linux/commit/db8fd2cde93227e566a412cf53173ffa227998bc

Comment 1 msiddiqu 2019-11-21 12:19:38 UTC
Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 1775115]

Comment 5 Petr Matousek 2020-04-29 09:01:48 UTC
Mitigation:

In order to mitigate this issue it is possible to prevent the affected code from being loaded by blacklisting the kernel module mwifiex_pcie. For instructions relating to how to blacklist a kernel module refer to: https://access.redhat.com/solutions/41278 .

Comment 6 Petr Matousek 2020-04-29 09:03:01 UTC
Statement:

This issue is rated as having Low impact because of the preconditions needed to trigger the resource cleanup code path (DMA mapping error).


Note You need to log in before you can comment on or make changes to this bug.