Linux kernel vulnerabilities CVE-2019-14815, CVE-2019-14895, CVE-2019-14901, CVE-2019-19055


* [CVE-2019-14815](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14815>) A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver.
* [CVE-2019-14895](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14895>) A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The flaw could occur when the station attempts a connection negotiation during the handling of the remote device's country settings. This could allow the remote device to cause a denial of service (system crash) or possibly execute arbitrary code.
* [CVE-2019-14901](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14901>) A heap overflow flaw was found in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The vulnerability allows a remote attacker to cause a system crash, resulting in a denial of service, or execute arbitrary code. The highest threat with this vulnerability is with the availability of the system. If code execution occurs, the code will run with the permissions of root. This will affect both confidentiality and integrity of files on the system.
* [CVE-2019-19055](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19055>) ** [DISPUTED](<https://cve.mitre.org/about/faqs.html#disputed_signify_in_cve_entry>) ** A memory leak in the nl80211_get_ftm_responder_stats() function in net/wireless/nl80211.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering nl80211hdr_put() failures, aka CID-1399c59fa929. NOTE: third parties dispute the relevance of this because it occurs on a code path where a successful allocation has already occurred.

Impact

There is no impact; F5 products are not affected by this vulnerability.

Affected Software

CPE Name Name Version
big-iq centralized management 7.0.0
big-ip aam 15.1.0
big-ip afm 15.1.0
big-ip analytics 15.1.0
big-ip asm 15.1.0
big-ip dns 15.1.0
big-ip fps 15.1.0
big-ip gtm 15.1.0
big-ip link controller 15.1.0
big-ip ltm 15.1.0
big-ip pem 15.1.0
traffix sdc 5.1.0