Lucene search

K
cvelistRedhatCVELIST:CVE-2019-14897
HistoryNov 29, 2019 - 2:00 p.m.

CVE-2019-14897

2019-11-2914:00:18
CWE-121
redhat
www.cve.org
10
linux kernel
marvell wifi
buffer overflow
denial of service
arbitrary code
sta
ibss.

CVSS3

6.6

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

AI Score

9.7

Confidence

High

EPSS

0.011

Percentile

84.2%

A stack-based buffer overflow was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. An attacker is able to cause a denial of service (system crash) or, possibly execute arbitrary code, when a STA works in IBSS mode (allows connecting stations together without the use of an AP) and connects to another STA.

CNA Affected

[
  {
    "product": "kernel",
    "vendor": "Red Hat",
    "versions": [
      {
        "status": "affected",
        "version": "version kernel-2.6.32"
      }
    ]
  }
]

References

CVSS3

6.6

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

AI Score

9.7

Confidence

High

EPSS

0.011

Percentile

84.2%