Bug 2027798 (CVE-2019-0136) - CVE-2019-0136 kernel: insufficient access control in the Intel(R) PROSet/Wireless WiFi Software driver may allow an unauthenticated user to potentially enable DoS via adjacent access
Summary: CVE-2019-0136 kernel: insufficient access control in the Intel(R) PROSet/Wire...
Keywords:
Status: CLOSED WONTFIX
Alias: CVE-2019-0136
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2027799
Blocks: Embargoed2027471
TreeView+ depends on / blocked
 
Reported: 2021-11-30 17:12 UTC by Guilherme de Almeida Suckevicz
Modified: 2021-12-02 13:58 UTC (History)
43 users (show)

Fixed In Version: kernel 5.2
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in the Linux kernel’s implementation of wireless drivers for the Intel PROset wireless hardware. This flaw allows an unauthorized attacker within the wireless radio range to cause the driver and the system to disconnect from the wireless network, triggering the operating system to lose network connectivity while the system is not connected. The highest threat from this vulnerability is system availability.
Clone Of:
Environment:
Last Closed: 2021-12-02 04:38:46 UTC

Attachments (Terms of Use)

Description Guilherme de Almeida Suckevicz 2021-11-30 17:12:56 UTC 
A flaw was found in the Linux kernels implementation of wireless drivers for intel PROset wireleless hardware. An unauthorized attacker within wireless radio range can attack the driver and cause the system to disconnect from the wireless network triggering the operating system to loose network connectivity while the system is not connected.

Reference:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00232.html

Upstream:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=79c92ca42b5a3e0ea172ea2ce8df8e125af237da
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=588f7d39b3592a36fb7702ae3b8bdd9be4621e2f
Comment 1 Guilherme de Almeida Suckevicz 2021-11-30 17:13:34 UTC 
Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 2027799]
Comment 2 juneau 2021-11-30 19:59:43 UTC 
Hosted OSD, Other Services "notaffected" for unused wireless hardware driver.
Comment 4 Justin M. Forbes 2021-12-01 12:46:50 UTC 
This was fixed for Fedora with the 5.1.15 stable kernel updates.
Comment 8 Product Security DevOps Team 2021-12-02 04:38:43 UTC 
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2019-0136
Note You need to log in before you can comment on or make changes to this bug.