A vulnerability was found in the Marvell WiFi chip driver in the Linux kernel. A heap-based buffer overflow in the lbs_ibss_join_existing function in drivers/net/wireless/marvell/libertas/cfg.c allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code. When a STA connects to an AP, the add_ie_rates function will be called for the STA.
Upstream patch: https://patchwork.kernel.org/patch/11257187/
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1776143]
Acknowledgments: Name: ADLab of Venustech
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 via RHSA-2020:3548 https://access.redhat.com/errata/RHSA-2020:3548
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2019-14896