Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2019-5108 |
CWE-ID | CWE-20 |
Exploitation vector | Local network |
Public exploit | N/A |
Vulnerable software | Linux kernel (Operating systems & Components / Operating system) |
Vendor | Linux Foundation |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
EUVDB-ID: #VU30501
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-5108
CWE-ID: CWE-20 - Improper input validation
Exploit availability: No
Description
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this vulnerability by triggering an AP to send IAPP location updates for stations before the required authentication process has completed. This could lead to different denial-of-service scenarios, either by causing CAM table attacks or, when the attacker fakes clients that already exist on other nearby APs of the same wireless infrastructure, by causing traffic flapping. An attacker can forge Authentication and Association Request packets to trigger this vulnerability.
Mitigation
Install update from vendor's website.
Vulnerable software versions
Linux kernel: 5.0 - 5.2.21
External links
http://packetstormsecurity.com/files/156455/Kernel-Live-Patch-Security-Notice-LSN-0063-1.html
http://git.kernel.org/linus/3e493173b7841259a08c5c8e5cbe90adb349da7e
http://lists.debian.org/debian-lts-announce/2020/06/msg00011.html
http://lists.debian.org/debian-lts-announce/2020/06/msg00012.html
http://lists.debian.org/debian-lts-announce/2020/06/msg00013.html
http://security.netapp.com/advisory/ntap-20200204-0002/
http://talosintelligence.com/vulnerability_reports/TALOS-2019-0900
http://usn.ubuntu.com/4285-1/
http://usn.ubuntu.com/4286-1/
http://usn.ubuntu.com/4286-2/
http://usn.ubuntu.com/4287-1/
http://usn.ubuntu.com/4287-2/
http://www.debian.org/security/2020/dsa-4698
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.