Lucene search

K
ubuntucveUbuntu.comUB:CVE-2019-14901
HistoryNov 29, 2019 - 12:00 a.m.

CVE-2019-14901

2019-11-2900:00:00
ubuntu.com
ubuntu.com
30
marvell wifi chip
heap overflow
remote attacker
denial of service
execute code
root permissions
system crash
linux kernel
confidentiality
integrity
cve-2019-14901
version 3.x.x
version 4.x.x
availability
files.

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.025

Percentile

90.2%

A heap overflow flaw was found in the Linux kernel, all versions 3.x.x and
4.x.x before 4.18.0, in Marvell WiFi chip driver. The vulnerability allows
a remote attacker to cause a system crash, resulting in a denial of
service, or execute arbitrary code. The highest threat with this
vulnerability is with the availability of the system. If code execution
occurs, the code will run with the permissions of root. This will affect
both confidentiality and integrity of files on the system.

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchlinux<Β 4.15.0-74.84UNKNOWN
ubuntu19.04noarchlinux<Β 5.0.0-38.41UNKNOWN
ubuntu19.10noarchlinux<Β 5.3.0-26.28UNKNOWN
ubuntu16.04noarchlinux<Β 4.4.0-171.200UNKNOWN
ubuntu18.04noarchlinux-aws<Β 4.15.0-1057.59UNKNOWN
ubuntu19.04noarchlinux-aws<Β 5.0.0-1023.26UNKNOWN
ubuntu19.10noarchlinux-aws<Β 5.3.0-1009.10UNKNOWN
ubuntu14.04noarchlinux-aws<Β 4.4.0-1060.64UNKNOWN
ubuntu16.04noarchlinux-aws<Β 4.4.0-1100.111UNKNOWN
ubuntu18.04noarchlinux-aws-5.0<Β 5.0.0-1023.26~18.04.1UNKNOWN
Rows per page:
1-10 of 461

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.025

Percentile

90.2%