mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
186 lines
7.5 KiB
JSON
186 lines
7.5 KiB
JSON
{
|
|
"data_version": "4.0",
|
|
"data_type": "CVE",
|
|
"data_format": "MITRE",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2019-14901",
|
|
"ASSIGNER": "secalert@redhat.com",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "A heap overflow flaw was found in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The vulnerability allows a remote attacker to cause a system crash, resulting in a denial of service, or execute arbitrary code. The highest threat with this vulnerability is with the availability of the system. If code execution occurs, the code will run with the permissions of root. This will affect both confidentiality and integrity of files on the system."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "CWE-400",
|
|
"cweId": "CWE-400"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "CWE-122",
|
|
"cweId": "CWE-122"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "Red Hat",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "kernel",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "all kernel versions 3.x.x and 4.x.x before 4.18.0"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "http://packetstormsecurity.com/files/156185/Kernel-Live-Patch-Security-Notice-LSN-0062-1.html",
|
|
"refsource": "MISC",
|
|
"name": "http://packetstormsecurity.com/files/156185/Kernel-Live-Patch-Security-Notice-LSN-0062-1.html"
|
|
},
|
|
{
|
|
"url": "https://access.redhat.com/errata/RHSA-2020:0328",
|
|
"refsource": "MISC",
|
|
"name": "https://access.redhat.com/errata/RHSA-2020:0328"
|
|
},
|
|
{
|
|
"url": "https://access.redhat.com/errata/RHSA-2020:0339",
|
|
"refsource": "MISC",
|
|
"name": "https://access.redhat.com/errata/RHSA-2020:0339"
|
|
},
|
|
{
|
|
"url": "https://access.redhat.com/errata/RHSA-2020:0374",
|
|
"refsource": "MISC",
|
|
"name": "https://access.redhat.com/errata/RHSA-2020:0374"
|
|
},
|
|
{
|
|
"url": "https://access.redhat.com/errata/RHSA-2020:0375",
|
|
"refsource": "MISC",
|
|
"name": "https://access.redhat.com/errata/RHSA-2020:0375"
|
|
},
|
|
{
|
|
"url": "https://access.redhat.com/errata/RHSA-2020:0204",
|
|
"refsource": "MISC",
|
|
"name": "https://access.redhat.com/errata/RHSA-2020:0204"
|
|
},
|
|
{
|
|
"url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html",
|
|
"refsource": "MISC",
|
|
"name": "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html"
|
|
},
|
|
{
|
|
"url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html",
|
|
"refsource": "MISC",
|
|
"name": "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html"
|
|
},
|
|
{
|
|
"url": "https://usn.ubuntu.com/4226-1/",
|
|
"refsource": "MISC",
|
|
"name": "https://usn.ubuntu.com/4226-1/"
|
|
},
|
|
{
|
|
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html",
|
|
"refsource": "MISC",
|
|
"name": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html"
|
|
},
|
|
{
|
|
"url": "http://packetstormsecurity.com/files/155879/Kernel-Live-Patch-Security-Notice-LSN-0061-1.html",
|
|
"refsource": "MISC",
|
|
"name": "http://packetstormsecurity.com/files/155879/Kernel-Live-Patch-Security-Notice-LSN-0061-1.html"
|
|
},
|
|
{
|
|
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D4ISVNIC44SOGXTUBCIZFSUNQJ5LRKNZ/",
|
|
"refsource": "MISC",
|
|
"name": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D4ISVNIC44SOGXTUBCIZFSUNQJ5LRKNZ/"
|
|
},
|
|
{
|
|
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MN6MLCN7G7VFTSXSZYXKXEFCUMFBUAXQ/",
|
|
"refsource": "MISC",
|
|
"name": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MN6MLCN7G7VFTSXSZYXKXEFCUMFBUAXQ/"
|
|
},
|
|
{
|
|
"url": "https://usn.ubuntu.com/4225-1/",
|
|
"refsource": "MISC",
|
|
"name": "https://usn.ubuntu.com/4225-1/"
|
|
},
|
|
{
|
|
"url": "https://usn.ubuntu.com/4225-2/",
|
|
"refsource": "MISC",
|
|
"name": "https://usn.ubuntu.com/4225-2/"
|
|
},
|
|
{
|
|
"url": "https://usn.ubuntu.com/4227-1/",
|
|
"refsource": "MISC",
|
|
"name": "https://usn.ubuntu.com/4227-1/"
|
|
},
|
|
{
|
|
"url": "https://usn.ubuntu.com/4227-2/",
|
|
"refsource": "MISC",
|
|
"name": "https://usn.ubuntu.com/4227-2/"
|
|
},
|
|
{
|
|
"url": "https://usn.ubuntu.com/4228-1/",
|
|
"refsource": "MISC",
|
|
"name": "https://usn.ubuntu.com/4228-1/"
|
|
},
|
|
{
|
|
"url": "https://usn.ubuntu.com/4228-2/",
|
|
"refsource": "MISC",
|
|
"name": "https://usn.ubuntu.com/4228-2/"
|
|
},
|
|
{
|
|
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14901",
|
|
"refsource": "MISC",
|
|
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14901"
|
|
}
|
|
]
|
|
},
|
|
"impact": {
|
|
"cvss": [
|
|
{
|
|
"attackComplexity": "LOW",
|
|
"attackVector": "ADJACENT_NETWORK",
|
|
"availabilityImpact": "HIGH",
|
|
"baseScore": 8.8,
|
|
"baseSeverity": "HIGH",
|
|
"confidentialityImpact": "HIGH",
|
|
"integrityImpact": "HIGH",
|
|
"privilegesRequired": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"userInteraction": "NONE",
|
|
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
|
"version": "3.0"
|
|
}
|
|
]
|
|
}
|
|
} |