Описание
A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The flaw could occur when the station attempts a connection negotiation during the handling of the remote devices country settings. This could allow the remote device to cause a denial of service (system crash) or possibly execute arbitrary code.
A heap-based buffer overflow was discovered in the Linux kernel's Marvell WiFi chip driver. The flaw could occur when the station attempts a connection negotiation during the handling of the remote devices country settings. This could allow the remote device to cause a denial of service (system crash) or possibly execute arbitrary code.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | kernel | Not affected | ||
| Red Hat Enterprise Linux 6 | kernel | Not affected | ||
| Red Hat Enterprise Linux 7 | kernel-rt | Fixed | RHSA-2020:0375 | 04.02.2020 |
| Red Hat Enterprise Linux 7 | kernel | Fixed | RHSA-2020:0374 | 04.02.2020 |
| Red Hat Enterprise Linux 7 | kernel-alt | Fixed | RHSA-2020:1493 | 16.04.2020 |
| Red Hat Enterprise Linux 7.2 Advanced Update Support | kernel | Fixed | RHSA-2020:0661 | 03.03.2020 |
| Red Hat Enterprise Linux 7.3 Advanced Update Support | kernel | Fixed | RHSA-2020:0653 | 03.03.2020 |
| Red Hat Enterprise Linux 7.3 Telco Extended Update Support | kernel | Fixed | RHSA-2020:0653 | 03.03.2020 |
| Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions | kernel | Fixed | RHSA-2020:0653 | 03.03.2020 |
| Red Hat Enterprise Linux 7.4 Advanced Update Support | kernel | Fixed | RHSA-2020:0592 | 25.02.2020 |
Показывать по
Дополнительная информация
Статус:
8 High
CVSS3
Связанные уязвимости
A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The flaw could occur when the station attempts a connection negotiation during the handling of the remote devices country settings. This could allow the remote device to cause a denial of service (system crash) or possibly execute arbitrary code.
A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The flaw could occur when the station attempts a connection negotiation during the handling of the remote devices country settings. This could allow the remote device to cause a denial of service (system crash) or possibly execute arbitrary code.
A heap-based buffer overflow was discovered in the Linux kernel, all v ...
A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The flaw could occur when the station attempts a connection negotiation during the handling of the remote devices country settings. This could allow the remote device to cause a denial of service (system crash) or possibly execute arbitrary code.
Уязвимость функции mwifiex_process_country_ie() (drivers/net/wireless/marvell/mwifiex/sta_ioctl.c) драйвера Marvell WiFi ядра операционной системы Linux, связанная с записью за границами буфера, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
8 High
CVSS3