Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
CVE-2019-14815
CVE information
Published
Last Modified
CVSSv2.0 Severity
CVSSv3.1 Severity
Impact Analysis
Description
A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver..
CVSSv2.0 Score
- Severity
- High
- Base Score
- 7.2/10
- Exploit Score
- 3.9/10
- Access Vector
- Local
- Access Complexity
- Low
- Authentication Required
- None
- Impact Score
- 10/10
- Confidentiality Impact
- Complete
- Availability Impact
- Complete
- Integrity Impact
- Complete
CVSSv3.1 Score
- Severity
- High
- Base Score
- 7.8/10
- Exploit Score
- 1.8/10
- Access Vector
- Local
- Access Complexity
- Low
- Privileges Required
- Low
- Impact Score
- 5.9/10
- Confidentiality Impact
- High
- Availability Impact
- High
- Integrity Impact
- High
- Scope
- Unchanged
- User Interaction
- None
Products Affected
CPE | Affected | Vulnerable | Excluding | Edit |
---|---|---|---|---|
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
Yes
|
4.20 | 5.2.17 | |
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
Yes
|
4.10 | 4.14.146 | |
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
Yes
|
4.15 | 4.19.75 | |
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:redhat:enterprise_linux_for_real_time:8:*:*:*:*:*: |
Yes
|
- | - | |
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus: |
Yes
|
- | - | |
cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus: |
Yes
|
- | - | |
cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.4:*:*: |
Yes
|
- | - | |
cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.2:*:*: |
Yes
|
- | - | |
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:8:*: |
Yes
|
- | - | |
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.2: |
Yes
|
- | - | |
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.1: |
Yes
|
- | - | |
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.4: |
Yes
|
- | - | |
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_\(struct |
Yes
|
- | - | |
cpe:2.3:a:redhat:codeready_linux_builder_eus:8.1:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:redhat:codeready_linux_builder_eus:8.2:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:redhat:codeready_linux_builder_eus:8.4:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_en |
Yes
|
- | - | |
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_en |
Yes
|
- | - | |
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_en |
Yes
|
- | - | |
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.6: |
Yes
|
- | - | |
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_en |
Yes
|
- | - | |
cpe:2.3:a:redhat:codeready_linux_builder_eus:8.6:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus: |
Yes
|
- | - | |
cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.6:*:*: |
Yes
|
- | - | |
cpe:2.3:a:netapp:steelstore:-:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:netapp:hci:-:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:h:netapp:baseboard_management_controller:-:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:netapp:solidfire_baseboard_management_controller_f |
Yes
|
- | - | |
cpe:2.3:a:netapp:altavault:-:*:*:*:*:*:*:* |
Yes
|
- | - |
References
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14815
- https://www.openwall.com/lists/oss-security/2019/08/28/1
- https://security.netapp.com/advisory/ntap-20200103-0001/
- https://github.com/torvalds/linux/commit/7caac62ed598a196d6ddf8d9c121e12e082cac3a
- https://access.redhat.com/security/cve/cve-2019-14815
- https://access.redhat.com/errata/RHSA-2020:0174
- https://access.redhat.com/errata/RHSA-2020:0328
- https://access.redhat.com/errata/RHSA-2020:0339
- https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html
- https://lore.kernel.org/linux-wireless/20190828020751.13625-1-huangwenabc%40gmail.com