SB2019093011 - Multiple vulnerabilities in Linux kernel Marvell Wi-Fi chip driver
Published: September 30, 2019
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 3 secuirty vulnerabilities.
1) Heap-based buffer overflow (CVE-ID: CVE-2019-14814)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the mwifiex_update_vs_ie() function in the Marvell Wi-Fi chip driver in Linux kernel. A local user can run a specially crafted application to trigger a heap-based buffer overflow and execute arbitrary code on the system with elevated privileges.
2) Heap-based buffer overflow (CVE-ID: CVE-2019-14815)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the mwifiex_set_uap_rates() function in the Marvell Wi-Fi chip driver in Linux kernel. A local user can run a specially crafted application to trigger a heap-based buffer overflow and execute arbitrary code on the system with elevated privileges.
3) Heap-based buffer overflow (CVE-ID: CVE-2019-14816)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the mwifiex_set_wmm_params() function in the Marvell Wi-Fi chip driver in Linux kernel. A local user can run a specially crafted application to trigger a heap-based buffer overflow and execute arbitrary code on the system with elevated privileges.
Remediation
Install update from vendor's website.
References
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.17
- https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.194
- https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.194
- https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.75
- https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.146
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3