#VU17381 Memory corruption in Marvell Technology products - CVE-2019-6496

Cybersecurity Help s.r.o.

Published: 2019-02-06

Vulnerability identifier: #VU17381

Vulnerability risk: Medium

CVSSv4.0: 6.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2019-6496

CWE-ID: CWE-119

Exploitation vector: Local network

Exploit availability: No

Vulnerable software:
Avastar 88W8897
Hardware solutions / Firmware
Avastar 88W8801
Hardware solutions / Firmware
Avastar 88W8797
Hardware solutions / Firmware
Avastar 88W8787
Hardware solutions / Firmware

Vendor: Marvell Technology

Description
The vulnerability allows an adjacent unauthenticated attacker to execute arbitrary code on the host system.

The weakness exists due to a block pool memory overflow during Wi-Fi network scans. An adjacent attacker within Wi-Fi radio range can overwrite certain block pool data structures to intercept network traffic or execute arbitrary code on a system with a vulnerable Marvell SoC.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Avastar 88W8897: All versions

Avastar 88W8801: All versions

Avastar 88W8797: All versions

Avastar 88W8787: All versions

External links
https://kb.cert.org/vuls/id/730261/
https://ru.scribd.com/document/398350818/WiFi-CVE-2019-6496-Marvell-s-Statement

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Privilege escalation in Marvell Avastar