Описание
A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network.
A flaw was found in the Linux kernel's Marvell wifi chip driver. A heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c allows remote attackers to cause a denial of service(system crash) or execute arbitrary code.
Отчет
This flaw is currently rated as Important as it is possible for an attacker to setup a wifi access point with identical configuration in another location and intercept have the system auto connect and possibly be exploited.
Меры по смягчению последствий
This flaw requires a system with marvell wifi network card to be attempting to connect to a attacker controlled wifi network. A temporary mitigation may be to only connect to known-good networks via wifi, or connect to a network via ethernet. Alternatively if wireless networking is not used the mwifiex kernel module can be blacklisted to prevent misuse of the vulnerable code.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | kernel | Out of support scope | ||
| Red Hat Enterprise Linux 6 | kernel | Not affected | ||
| Red Hat Enterprise MRG 2 | kernel-rt | Not affected | ||
| Red Hat Enterprise Linux 7 | kernel-rt | Fixed | RHSA-2019:3089 | 16.10.2019 |
| Red Hat Enterprise Linux 7 | kernel | Fixed | RHSA-2019:3055 | 16.10.2019 |
| Red Hat Enterprise Linux 7 | kpatch-patch | Fixed | RHSA-2019:3076 | 16.10.2019 |
| Red Hat Enterprise Linux 7 | kernel-alt | Fixed | RHSA-2020:0174 | 21.01.2020 |
| Red Hat Enterprise Linux 7.6 Extended Update Support | kernel | Fixed | RHSA-2020:2289 | 26.05.2020 |
| Red Hat Enterprise Linux 8 | kernel-rt | Fixed | RHSA-2019:2741 | 12.09.2019 |
| Red Hat Enterprise Linux 8 | kernel | Fixed | RHSA-2019:2703 | 12.09.2019 |
Показывать по
Дополнительная информация
Статус:
EPSS
8 High
CVSS3
Связанные уязвимости
A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network.
A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network.
A flaw that allowed an attacker to corrupt memory and possibly escalat ...
A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network.
Уязвимость функции mwifiex_update_bss_desc_with_ie ядра операционной системы Linux, позволяющая нарушителю повысить свои привилегии, вызвать отказ в обслуживании или выполнить произвольный код
EPSS
8 High
CVSS3