SB2019112645 - Fedora 31 update for kernel

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2019112645

SB2019112645 - Fedora 31 update for kernel

Published: November 26, 2019 Updated: April 25, 2025

Security Bulletin ID SB2019112645
Severity
High
Patch available
YES
Number of vulnerabilities 5
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 60% Medium 40%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 5 secuirty vulnerabilities.


1) Out-of-bounds write (CVE-ID: CVE-2019-14901)

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input in Marvell WiFi chip driver within the "mwifiex_process_tdls_action_frame()" function in "marvell/mwifiex/tdls.c". A remote attacker on the local network can send a specially crafted network traffic, trigger out-of-bounds write and execute arbitrary code on the target system.


2) Out-of-bounds write (CVE-ID: CVE-2019-14895)

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The flaw could occur when the station attempts a connection negotiation during the handling of the remote devices country settings. This could allow the remote device to cause a denial of service (system crash) or possibly execute arbitrary code.


3) Out-of-bounds write (CVE-ID: CVE-2019-14896)

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

A heap-based buffer overflow vulnerability was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. A remote attacker could cause a denial of service (system crash) or, possibly execute arbitrary code, when the lbs_ibss_join_existing function is called after a STA connects to an AP.


4) Out-of-bounds write (CVE-ID: CVE-2019-14897)

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

A stack-based buffer overflow was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. An attacker is able to cause a denial of service (system crash) or, possibly execute arbitrary code, when a STA works in IBSS mode (allows connecting stations together without the use of an AP) and connects to another STA.


5) Memory leak (CVE-ID: CVE-2019-19078)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the "ath10k_usb_hif_tx_sg()" function in "drivers/net/wireless/ath/ath10k/usb.c" file. A remote attacker can cause a denial of service condition (memory consumption) by triggering "usb_submit_urb()" failures.


Remediation

Install update from vendor's website.

References