Описание
rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow.
A flaw was found in the Linux kernel's implementation of the RealTek wireless drivers WiFi-direct (or WiFi peer-to-peer) driver implementation. When the RealTek wireless networking hardware is configured to accept WiFi-Direct or WiFi P2P connections, an attacker within the wireless network connectivity radio range can exploit a flaw in the WiFi-direct protocol known as "Notice of Absence" by creating specially crafted frames which can then corrupt kernel memory as the upper bounds on the length of the frame is unchecked and supplied by the incoming packet.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | kernel | Not affected | ||
| Red Hat Enterprise Linux 6 | kernel | Fixed | RHSA-2020:1524 | 22.04.2020 |
| Red Hat Enterprise Linux 7 | kernel-rt | Fixed | RHSA-2020:0839 | 17.03.2020 |
| Red Hat Enterprise Linux 7 | kernel-alt | Fixed | RHSA-2020:0740 | 09.03.2020 |
| Red Hat Enterprise Linux 7 | kernel | Fixed | RHSA-2020:0834 | 17.03.2020 |
| Red Hat Enterprise Linux 7.2 Advanced Update Support | kernel | Fixed | RHSA-2020:0661 | 03.03.2020 |
| Red Hat Enterprise Linux 7.3 Advanced Update Support | kernel | Fixed | RHSA-2020:1473 | 14.04.2020 |
| Red Hat Enterprise Linux 7.3 Telco Extended Update Support | kernel | Fixed | RHSA-2020:1473 | 14.04.2020 |
| Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions | kernel | Fixed | RHSA-2020:1473 | 14.04.2020 |
| Red Hat Enterprise Linux 7.4 Advanced Update Support | kernel | Fixed | RHSA-2020:1347 | 07.04.2020 |
Показывать по
Ссылки на источники
Дополнительная информация
Статус:
6.3 Medium
CVSS3
Связанные уязвимости
rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow.
rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow.
rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Lin ...
rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow.
Уязвимость функции rtl_p2p_noa_ie из drivers/net/wireless/realtek/rtlwifi/ps.c ядра операционной системы Linux, связанная с переполнением буфера в памяти, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
6.3 Medium
CVSS3