Bug 1744130 (CVE-2019-14814) - CVE-2019-14814 kernel: heap overflow in mwifiex_set_uap_rates() function of Marvell Wifi Driver leading to DoS
Summary: CVE-2019-14814 kernel: heap overflow in mwifiex_set_uap_rates() function of M...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2019-14814
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1775474 1775475 1775476 1775477 1775478 1775479 1776618 1776622 1780612 1785195 1785196
Blocks: 1744131
TreeView+ depends on / blocked
 
Reported: 2019-08-21 12:24 UTC by Marian Rehak
Modified: 2023-05-12 21:16 UTC (History)
47 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in the Linux kernel’s implementation of the Marvell wifi driver, which can allow a local user who has CAP_NET_ADMIN or administrative privileges to possibly cause a Denial Of Service (DOS) by corrupting memory and possible code execution.
Clone Of:
Environment:
Last Closed: 2020-01-21 20:09:39 UTC
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2020:0455 0 None None None 2020-02-10 01:48:58 UTC
Red Hat Product Errata RHBA-2020:0554 0 None None None 2020-02-19 21:45:05 UTC
Red Hat Product Errata RHSA-2020:0174 0 None None None 2020-01-21 15:50:00 UTC
Red Hat Product Errata RHSA-2020:0328 0 None None None 2020-02-04 08:51:55 UTC
Red Hat Product Errata RHSA-2020:0339 0 None None None 2020-02-04 13:11:57 UTC

Description Marian Rehak 2019-08-21 12:24:31 UTC
A flaw was found in the Linux kernels implementation of marvell wifi driver which can allow a local user who has CAP_NET_ADMIN or administrative privileges to possibly cause a Denial Of Service (DOS) by corrupting memory and possible code execution.

Comment 2 msiddiqu 2019-08-28 19:57:57 UTC
Acknowledgments:

Name: Huangwen (ADLab of Venustech)

Comment 3 msiddiqu 2019-08-28 20:01:15 UTC
*contents deleted*

Comment 4 msiddiqu 2019-08-28 20:01:20 UTC
References: 

https://www.openwall.com/lists/oss-security/2019/08/28/1

Comment 7 Wade Mealing 2019-11-22 03:57:20 UTC
Leaving this flaw rated as moderate due to the local privs required to activate this flaw already.

Comment 10 Petr Matousek 2019-12-06 14:08:16 UTC
Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 1780612]

Comment 11 Justin M. Forbes 2019-12-06 23:15:28 UTC
This was fixed for Fedora with the 5.2.17 stable kernel updates.

Comment 13 errata-xmlrpc 2020-01-21 15:49:56 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2020:0174 https://access.redhat.com/errata/RHSA-2020:0174

Comment 14 Product Security DevOps Team 2020-01-21 20:09:39 UTC
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2019-14814

Comment 15 errata-xmlrpc 2020-02-04 08:51:47 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2020:0328 https://access.redhat.com/errata/RHSA-2020:0328

Comment 16 errata-xmlrpc 2020-02-04 13:11:53 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2020:0339 https://access.redhat.com/errata/RHSA-2020:0339


Note You need to log in before you can comment on or make changes to this bug.