{ "threat_severity" : "Important", "public_date" : "2019-11-25T08:29:00Z", "bugzilla" : { "description" : "kernel: heap-based buffer overflow in mwifiex_process_country_ie() function in drivers/net/wireless/marvell/mwifiex/sta_ioctl.c", "id" : "1774870", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1774870" }, "cvss3" : { "cvss3_base_score" : "8.0", "cvss3_scoring_vector" : "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "status" : "verified" }, "cwe" : "CWE-122", "details" : [ "A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The flaw could occur when the station attempts a connection negotiation during the handling of the remote devices country settings. This could allow the remote device to cause a denial of service (system crash) or possibly execute arbitrary code.", "A heap-based buffer overflow was discovered in the Linux kernel's Marvell WiFi chip driver. The flaw could occur when the station attempts a connection negotiation during the handling of the remote devices country settings. This could allow the remote device to cause a denial of service (system crash) or possibly execute arbitrary code." ], "acknowledgement" : "Red Hat would like to thank ADLab of Venustech for reporting this issue.", "affected_release" : [ { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2020-02-04T00:00:00Z", "advisory" : "RHSA-2020:0375", "cpe" : "cpe:/a:redhat:rhel_extras_rt:7", "package" : "kernel-rt-0:3.10.0-1062.12.1.rt56.1042.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2020-02-04T00:00:00Z", "advisory" : "RHSA-2020:0374", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "kernel-0:3.10.0-1062.12.1.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2020-04-16T00:00:00Z", "advisory" : "RHSA-2020:1493", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "kernel-alt-0:4.14.0-115.19.1.el7a" }, { "product_name" : "Red Hat Enterprise Linux 7.2 Advanced Update Support", "release_date" : "2020-03-03T00:00:00Z", "advisory" : "RHSA-2020:0661", "cpe" : "cpe:/o:redhat:rhel_aus:7.2", "package" : "kernel-0:3.10.0-327.85.1.el7" }, { "product_name" : "Red Hat Enterprise Linux 7.3 Advanced Update Support", "release_date" : "2020-03-03T00:00:00Z", "advisory" : "RHSA-2020:0653", "cpe" : "cpe:/o:redhat:rhel_aus:7.3", "package" : "kernel-0:3.10.0-514.73.1.el7" }, { "product_name" : "Red Hat Enterprise Linux 7.3 Telco Extended Update Support", "release_date" : "2020-03-03T00:00:00Z", "advisory" : "RHSA-2020:0653", "cpe" : "cpe:/o:redhat:rhel_tus:7.3", "package" : "kernel-0:3.10.0-514.73.1.el7" }, { "product_name" : "Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions", "release_date" : "2020-03-03T00:00:00Z", "advisory" : "RHSA-2020:0653", "cpe" : "cpe:/o:redhat:rhel_e4s:7.3", "package" : "kernel-0:3.10.0-514.73.1.el7" }, { "product_name" : "Red Hat Enterprise Linux 7.4 Advanced Update Support", "release_date" : "2020-02-25T00:00:00Z", "advisory" : "RHSA-2020:0592", "cpe" : "cpe:/o:redhat:rhel_aus:7.4", "package" : "kernel-0:3.10.0-693.64.1.el7" }, { "product_name" : "Red Hat Enterprise Linux 7.4 Telco Extended Update Support", "release_date" : "2020-02-25T00:00:00Z", "advisory" : "RHSA-2020:0592", "cpe" : "cpe:/o:redhat:rhel_tus:7.4", "package" : "kernel-0:3.10.0-693.64.1.el7" }, { "product_name" : "Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions", "release_date" : "2020-02-25T00:00:00Z", "advisory" : "RHSA-2020:0592", "cpe" : "cpe:/o:redhat:rhel_e4s:7.4", "package" : "kernel-0:3.10.0-693.64.1.el7" }, { "product_name" : "Red Hat Enterprise Linux 7.5 Extended Update Support", "release_date" : "2020-02-19T00:00:00Z", "advisory" : "RHSA-2020:0543", "cpe" : "cpe:/o:redhat:rhel_eus:7.5", "package" : "kernel-0:3.10.0-862.48.1.el7" }, { "product_name" : "Red Hat Enterprise Linux 7.6 Extended Update Support", "release_date" : "2020-03-03T00:00:00Z", "advisory" : "RHSA-2020:0664", "cpe" : "cpe:/o:redhat:rhel_eus:7.6", "package" : "kernel-0:3.10.0-957.46.1.el7" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-02-04T00:00:00Z", "advisory" : "RHSA-2020:0328", "cpe" : "cpe:/a:redhat:enterprise_linux:8::nfv", "package" : "kernel-rt-0:4.18.0-147.5.1.rt24.98.el8_1" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-02-04T00:00:00Z", "advisory" : "RHSA-2020:0339", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "kernel-0:4.18.0-147.5.1.el8_1" }, { "product_name" : "Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions", "release_date" : "2020-03-17T00:00:00Z", "advisory" : "RHSA-2020:0831", "cpe" : "cpe:/o:redhat:rhel_e4s:8.0", "package" : "kernel-0:4.18.0-80.16.1.el8_0" }, { "product_name" : "Red Hat Enterprise MRG 2", "release_date" : "2020-02-26T00:00:00Z", "advisory" : "RHSA-2020:0609", "cpe" : "cpe:/a:redhat:enterprise_mrg:2:server:el6", "package" : "kernel-rt-1:3.10.0-693.64.1.rt56.662.el6rt" }, { "product_name" : "Red Hat Virtualization 4.2 for Red Hat Enterprise Linux 7.6 EUS", "release_date" : "2020-03-03T00:00:00Z", "advisory" : "RHSA-2020:0664", "cpe" : "cpe:/o:redhat:enterprise_linux:7::hypervisor", "package" : "kernel-0:3.10.0-957.46.1.el7" } ], "package_state" : [ { "product_name" : "Red Hat Enterprise Linux 5", "fix_state" : "Not affected", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:5" }, { "product_name" : "Red Hat Enterprise Linux 6", "fix_state" : "Not affected", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:6" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2019-14895\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-14895\nhttps://www.openwall.com/lists/oss-security/2019/11/22/2" ], "name" : "CVE-2019-14895", "csaw" : false }