1. Home
  2. Vulnerabilities
  3. CVE-2019-14895

CVE-2019-14895

CVSS v3.1 9.8 (Critical)
98% Progress
CVSS v2.0 7.5 (High)
75% Progress
EPSS 1.09 % (85th)
1.09% Progress
Affected Products 5
Advisories 51
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The flaw could occur when the station attempts a connection negotiation during the handling of the remote devices country settings. This could allow the remote device to cause a denial of service (system crash) or possibly execute arbitrary code.

Weaknesses
CWE-122
Heap-based Buffer Overflow
CWE-787
Out-of-bounds Write
CVE Status
PUBLISHED
CNA
Red Hat, Inc.
Published Date
2019-11-29 14:15:11
(4 years ago)
Updated Date
2023-02-12 23:36:37
(19 months ago)

Affected Products

Canonical

Debian

Fedoraproject

Linux

Opensuse

Configuration #1

    CPE23 From Up To
  Linux Kernel from 3.7 version and prior 3.16.81 version cpe:2.3:o:linux:linux_kernel >= 3.7 < 3.16.81
  Linux Kernel from 3.17 version and prior 4.4.210 version cpe:2.3:o:linux:linux_kernel >= 3.17 < 4.4.210
  Linux Kernel from 4.5 version and prior 4.9.210 version cpe:2.3:o:linux:linux_kernel >= 4.5 < 4.9.210
  Linux Kernel from 4.10 version and prior 4.14.165 version cpe:2.3:o:linux:linux_kernel >= 4.10 < 4.14.165
  Linux Kernel from 4.15 version and prior 4.19.96 version cpe:2.3:o:linux:linux_kernel >= 4.15 < 4.19.96
  Linux Kernel from 4.20 version and prior 5.4.12 version cpe:2.3:o:linux:linux_kernel >= 4.20 < 5.4.12

Configuration #2

    CPE23 From Up To
  Debian Linux 8.0 cpe:2.3:o:debian:debian_linux:8.0

Configuration #3

    CPE23 From Up To
  Canonical Ubuntu Linux 14.04 cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm
  Canonical Ubuntu Linux 16.04 cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm
  Canonical Ubuntu Linux 18.04 cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts
  Canonical Ubuntu Linux 19.04 cpe:2.3:o:canonical:ubuntu_linux:19.04
  Canonical Ubuntu Linux 19.10 cpe:2.3:o:canonical:ubuntu_linux:19.10

Configuration #4

    CPE23 From Up To
  Fedoraproject Fedora 30 cpe:2.3:o:fedoraproject:fedora:30
  Fedoraproject Fedora 31 cpe:2.3:o:fedoraproject:fedora:31

Configuration #5

    CPE23 From Up To
  Opensuse Leap 15.1 cpe:2.3:o:opensuse:leap:15.1