A flaw was found in the Linux kernels implementation of marvell wifi driver which can allow a local user who has CAP_NET_ADMIN or administrative privileges to possibly cause a Denial Of Service (DOS) by corrupting memory and possible code execution.
Upstream patch: https://lore.kernel.org/linux-wireless/20190828020751.13625-1-huangwenabc@gmail.com/
Acknowledgments: Name: Huangwen (ADLab of Venustech)
*contents deleted*
References: https://www.openwall.com/lists/oss-security/2019/08/28/1
External References: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7caac62ed598a196d6ddf8d9c121e12e082cac3a
Leaving this flaw rated as moderate due to the local privs required to activate this flaw already.
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1780612]
This was fixed for Fedora with the 5.2.17 stable kernel updates.
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2020:0174 https://access.redhat.com/errata/RHSA-2020:0174
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2019-14814
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2020:0328 https://access.redhat.com/errata/RHSA-2020:0328
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2020:0339 https://access.redhat.com/errata/RHSA-2020:0339