CVE-2019-14816: Buffer Overflow
First published: Wed Aug 21 2019(Updated: )
A vulnerability was found in the Linux kernel's Marvell WiFi chip driver. Where, while parsing vendor-specific informational attributes, an attacker on the same WiFi physical network segment could cause a system crash, resulting in a denial of service, or potentially execute arbitrary code. This flaw affects the network interface at the most basic level meaning the attacker only needs to affiliate with the same network device as the vulnerable system to create an attack path.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/kernel-rt | <0:3.10.0-1062.12.1.rt56.1042.el7 | 0:3.10.0-1062.12.1.rt56.1042.el7 |
| redhat/kernel-alt | <0:4.14.0-115.17.1.el7a | 0:4.14.0-115.17.1.el7a |
| redhat/kernel | <0:3.10.0-1062.12.1.el7 | 0:3.10.0-1062.12.1.el7 |
| redhat/kernel | <0:3.10.0-327.85.1.el7 | 0:3.10.0-327.85.1.el7 |
| redhat/kernel | <0:3.10.0-514.73.1.el7 | 0:3.10.0-514.73.1.el7 |
| redhat/kernel | <0:3.10.0-693.65.1.el7 | 0:3.10.0-693.65.1.el7 |
| redhat/kernel | <0:3.10.0-862.51.1.el7 | 0:3.10.0-862.51.1.el7 |
| redhat/kernel | <0:3.10.0-957.46.1.el7 | 0:3.10.0-957.46.1.el7 |
| redhat/kernel-rt | <0:4.18.0-147.5.1.rt24.98.el8_1 | 0:4.18.0-147.5.1.rt24.98.el8_1 |
| redhat/kernel | <0:4.18.0-147.5.1.el8_1 | 0:4.18.0-147.5.1.el8_1 |
| redhat/kernel | <0:4.18.0-80.15.1.el8_0 | 0:4.18.0-80.15.1.el8_0 |
| redhat/kernel-rt | <1:3.10.0-693.65.1.rt56.663.el6 | 1:3.10.0-693.65.1.rt56.663.el6 |
| IBM Data Risk Manager | <=2.0.6 | |
| Linux Kernel | >=3.6<3.16.74 | |
| Linux Kernel | >=3.17<4.4.194 | |
| Linux Kernel | >=4.5<4.9.194 | |
| Linux Kernel | >=4.10<4.14.146 | |
| Linux Kernel | >=4.15<4.19.75 | |
| Linux Kernel | >=4.20<5.2.17 | |
| Red Hat Enterprise Virtualization | =4.0 | |
| Red Hat Enterprise Linux | =5.0 | |
| Red Hat Enterprise Linux | =6.0 | |
| Red Hat Enterprise Linux | =6.4 | |
| Red Hat Enterprise Linux | =7.0 | |
| Red Hat Enterprise Linux | =7.6 | |
| Red Hat Enterprise Linux | =8.0 | |
| Red Hat Enterprise Linux Compute Node EUS | =7.6 | |
| redhat enterprise Linux eus | =7.6 | |
| redhat enterprise Linux eus | =7.7 | |
| redhat enterprise Linux eus | =8.1 | |
| redhat enterprise Linux eus | =8.2 | |
| redhat enterprise Linux eus | =8.4 | |
| redhat enterprise Linux for power big endian eus | =7.6_ppc64 | |
| redhat enterprise Linux for real time | =7 | |
| redhat enterprise Linux for real time | =8 | |
| redhat enterprise Linux for real time for nfv | =7 | |
| redhat enterprise Linux for real time for nfv | =8 | |
| redhat enterprise Linux for real time for nfv tus | =8.2 | |
| redhat enterprise Linux for real time for nfv tus | =8.4 | |
| redhat enterprise Linux for real time tus | =8.2 | |
| redhat enterprise Linux for real time tus | =8.4 | |
| redhat enterprise Linux server | =7.6 | |
| redhat enterprise Linux server | =8.0 | |
| redhat enterprise Linux server aus | =7.2 | |
| redhat enterprise Linux server aus | =7.3 | |
| redhat enterprise Linux server aus | =7.6 | |
| redhat enterprise Linux server aus | =8.2 | |
| redhat enterprise Linux server aus | =8.4 | |
| redhat enterprise Linux server tus | =7.3 | |
| redhat enterprise Linux server tus | =7.6 | |
| redhat enterprise Linux server tus | =8.2 | |
| redhat enterprise Linux server tus | =8.4 | |
| redhat enterprise linux tus | =7.7 | |
| Red Hat Messaging Realtime Grid | =2.0 | |
| Red Hat Enterprise Virtualization | =4.2 | |
| Debian GNU/Linux | =8.0 | |
| Fedoraproject Fedora | =29 | |
| Fedoraproject Fedora | =30 | |
| netapp data availability services | ||
| netapp hci management node | ||
| NetApp Service Processor | ||
| netapp solidfire | ||
| NetApp SteelStore | ||
| All of | ||
| NetApp AFF A700s Firmware | ||
| netapp a700s | ||
| All of | ||
| NetApp AFF A320 Firmware | ||
| NetApp AFF A320 | ||
| All of | ||
| NetApp AFF C190 Firmware | ||
| NetApp AFF C190 | ||
| All of | ||
| NetApp AFF A220 Firmware | ||
| NetApp AFF A220 | ||
| All of | ||
| NetApp FAS2700 Firmware | ||
| netapp fas2720 | ||
| All of | ||
| NetApp FAS2700 Firmware | ||
| netapp fas2750 | ||
| All of | ||
| NetApp AFF A800 Firmware | ||
| NetApp AFF A800 | ||
| All of | ||
| netapp h300s firmware | ||
| netapp h300s | ||
| All of | ||
| NetApp H500S Firmware | ||
| netapp h500s | ||
| All of | ||
| netapp h700s firmware | ||
| netapp h700s | ||
| All of | ||
| netapp h300e firmware | ||
| netapp h300e | ||
| All of | ||
| netapp h500e firmware | ||
| netapp h500e | ||
| All of | ||
| netapp h700e firmware | ||
| netapp h700e | ||
| All of | ||
| netapp h410s firmware | ||
| netapp h410s | ||
| All of | ||
| netapp h610s firmware | ||
| netapp h610s | ||
| Ubuntu Linux | =14.04 | |
| Ubuntu Linux | =16.04 | |
| Ubuntu Linux | =18.04 | |
| Ubuntu Linux | =19.04 | |
| openSUSE | =15.0 | |
| openSUSE | =15.1 | |
| debian/linux | 5.10.223-1 5.10.226-1 6.1.123-1 6.1.128-1 6.12.12-1 6.12.13-1 | |
| Debian | =8.0 | |
| Fedora | =29 | |
| Fedora | =30 | |
| NetApp AFF A700s Firmware | ||
| netapp a700s | ||
| NetApp AFF A320 Firmware | ||
| NetApp AFF A320 | ||
| NetApp AFF C190 Firmware | ||
| NetApp AFF C190 | ||
| NetApp AFF A220 Firmware | ||
| NetApp AFF A220 | ||
| NetApp FAS2700 Firmware | ||
| netapp fas2720 | ||
| NetApp FAS2700 Firmware | ||
| netapp fas2750 | ||
| NetApp AFF A800 Firmware | ||
| NetApp AFF A800 | ||
| netapp h300s firmware | ||
| netapp h300s | ||
| NetApp H500S Firmware | ||
| netapp h500s | ||
| netapp h700s firmware | ||
| netapp h700s | ||
| netapp h300e firmware | ||
| netapp h300e | ||
| netapp h500e firmware | ||
| netapp h500e | ||
| netapp h700e firmware | ||
| netapp h700e | ||
| netapp h410s firmware | ||
| netapp h410s | ||
| netapp h610s firmware | ||
| netapp h610s | ||
| Ubuntu | =14.04 | |
| Ubuntu | =16.04 | |
| Ubuntu | =18.04 | |
| Ubuntu | =19.04 |
Remedy
At this time there is no mitigation to the flaw, if you are able to disable wireless and your system is able to work this will be a temporary mitigation until a kernel update is available for installation.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.cve.org/CVERecord?id=CVE-2019-14816 https://nvd.nist.gov/vuln/detail/CVE-2019-14816 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7caac62ed598a196d6ddf8d9c121e12e082cac3a
- https://bugzilla.redhat.com/show_bug.cgi?id=1744149
- https://access.redhat.com/errata/RHSA-2020:0375
- https://access.redhat.com/errata/RHSA-2020:0174
- https://access.redhat.com/errata/RHSA-2020:0374
- https://access.redhat.com/errata/RHSA-2020:0661
- https://access.redhat.com/errata/RHSA-2020:0653
- https://access.redhat.com/errata/RHSA-2020:1347
- https://access.redhat.com/errata/RHSA-2020:1266
- https://access.redhat.com/errata/RHSA-2020:0664
- https://access.redhat.com/errata/RHSA-2020:0328
- https://access.redhat.com/errata/RHSA-2020:0339
- https://access.redhat.com/errata/RHSA-2020:0204
- https://access.redhat.com/errata/RHSA-2020:1353
- https://access.redhat.com/security/cve/cve-2019-14816
- https://github.com/torvalds/linux/commit/7caac62ed598a196d6ddf8d9c121e12e082cac3
- https://www.openwall.com/lists/oss-security/2019/08/28/1
- http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html
- http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- https://seclists.org/bugtraq/2019/Nov/11
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4JZ6AEUKFWBHQAROGMQARJ274PQP2QP/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3RUDQJXRJQVGHCGR4YZWTQ3ECBI7TXH/
- https://usn.ubuntu.com/4157-1/
- https://usn.ubuntu.com/4157-2/
- https://usn.ubuntu.com/4162-1/
- https://usn.ubuntu.com/4162-2/
- https://usn.ubuntu.com/4163-1/
- https://usn.ubuntu.com/4163-2/
- https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html
- https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html
- http://www.openwall.com/lists/oss-security/2019/08/28/1
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14816
- https://security.netapp.com/advisory/ntap-20191031-0005/
- http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html
- http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html
- https://launchpad.net/bugs/cve/CVE-2019-14816
- https://lore.kernel.org/linux-wireless/20190828020751.13625-1-huangwenabc@gmail.com/
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7caac62ed598a196d6ddf8d9c121e12e082cac3a
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1776607
- https://exchange.xforce.ibmcloud.com/vulnerabilities/166017
- https://www.ibm.com/support/pages/node/6335281 (Advisory)
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14816
- https://nvd.nist.gov/vuln/detail/CVE-2019-14816
- https://security-tracker.debian.org/tracker/CVE-2019-14816
- https://ubuntu.com/security/CVE-2019-14816
Parent vulnerabilities
(Appears in the following advisories)
- collector/redhat-cve
- agent/type
- agent/first-publish-date
- collector/launchpad-cve
- source/Launchpad
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2019-14816
- agent/weakness
- collector/ibm-support
- source/IBM
- agent/software-canonical-lookup
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/remedy
- agent/references
- collector/usn-cve
- source/Ubuntu
- agent/description
- agent/last-modified-date
- agent/trending
- agent/source
- agent/event
- agent/author
- collector/nvd-cve
- source/NVD
- agent/software-canonical-lookup-request
- collector/security-tracker-debian
- source/Debian
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- package-manager/redhat
- vendor/ibm
- canonical/ibm data risk manager
- version/ibm data risk manager/2.0.6
- vendor/linux
- canonical/linux kernel
- version/linux kernel/3.6
- version/linux kernel/3.17
- version/linux kernel/4.5
- version/linux kernel/4.10
- version/linux kernel/4.15
- version/linux kernel/4.20
- vendor/redhat
- canonical/red hat enterprise virtualization
- version/red hat enterprise virtualization/4.0
- canonical/red hat enterprise linux
- version/red hat enterprise linux/5.0
- version/red hat enterprise linux/6.0
- version/red hat enterprise linux/6.4
- version/red hat enterprise linux/7.0
- version/red hat enterprise linux/7.6
- version/red hat enterprise linux/8.0
- canonical/red hat enterprise linux compute node eus
- version/red hat enterprise linux compute node eus/7.6
- canonical/redhat enterprise linux eus
- version/redhat enterprise linux eus/7.6
- version/redhat enterprise linux eus/7.7
- version/redhat enterprise linux eus/8.1
- version/redhat enterprise linux eus/8.2
- version/redhat enterprise linux eus/8.4
- canonical/redhat enterprise linux for power big endian eus
- version/redhat enterprise linux for power big endian eus/7.6_ppc64
- canonical/redhat enterprise linux for real time
- version/redhat enterprise linux for real time/7
- version/redhat enterprise linux for real time/8
- canonical/redhat enterprise linux for real time for nfv
- version/redhat enterprise linux for real time for nfv/7
- version/redhat enterprise linux for real time for nfv/8
- canonical/redhat enterprise linux for real time for nfv tus
- version/redhat enterprise linux for real time for nfv tus/8.2
- version/redhat enterprise linux for real time for nfv tus/8.4
- canonical/redhat enterprise linux for real time tus
- version/redhat enterprise linux for real time tus/8.2
- version/redhat enterprise linux for real time tus/8.4
- canonical/redhat enterprise linux server
- version/redhat enterprise linux server/7.6
- version/redhat enterprise linux server/8.0
- canonical/redhat enterprise linux server aus
- version/redhat enterprise linux server aus/7.2
- version/redhat enterprise linux server aus/7.3
- version/redhat enterprise linux server aus/7.6
- version/redhat enterprise linux server aus/8.2
- version/redhat enterprise linux server aus/8.4
- canonical/redhat enterprise linux server tus
- version/redhat enterprise linux server tus/7.3
- version/redhat enterprise linux server tus/7.6
- version/redhat enterprise linux server tus/8.2
- version/redhat enterprise linux server tus/8.4
- canonical/redhat enterprise linux tus
- version/redhat enterprise linux tus/7.7
- canonical/red hat messaging realtime grid
- version/red hat messaging realtime grid/2.0
- version/red hat enterprise virtualization/4.2
- vendor/debian
- canonical/debian gnu/linux
- version/debian gnu/linux/8.0
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/29
- version/fedoraproject fedora/30
- vendor/netapp
- canonical/netapp data availability services
- canonical/netapp hci management node
- canonical/netapp service processor
- canonical/netapp solidfire
- canonical/netapp steelstore
- canonical/netapp aff a700s firmware
- canonical/netapp a700s
- canonical/netapp aff a320 firmware
- canonical/netapp aff a320
- canonical/netapp aff c190 firmware
- canonical/netapp aff c190
- canonical/netapp aff a220 firmware
- canonical/netapp aff a220
- canonical/netapp fas2700 firmware
- canonical/netapp fas2720
- canonical/netapp fas2750
- canonical/netapp aff a800 firmware
- canonical/netapp aff a800
- canonical/netapp h300s firmware
- canonical/netapp h300s
- canonical/netapp h500s firmware
- canonical/netapp h500s
- canonical/netapp h700s firmware
- canonical/netapp h700s
- canonical/netapp h300e firmware
- canonical/netapp h300e
- canonical/netapp h500e firmware
- canonical/netapp h500e
- canonical/netapp h700e firmware
- canonical/netapp h700e
- canonical/netapp h410s firmware
- canonical/netapp h410s
- canonical/netapp h610s firmware
- canonical/netapp h610s
- vendor/canonical
- canonical/ubuntu linux
- version/ubuntu linux/14.04
- version/ubuntu linux/16.04
- version/ubuntu linux/18.04
- version/ubuntu linux/19.04
- vendor/opensuse
- canonical/opensuse
- version/opensuse/15.0
- version/opensuse/15.1
- package-manager/debian
- canonical/debian
- version/debian/8.0
- canonical/fedora
- version/fedora/29
- version/fedora/30
- canonical/ubuntu
- version/ubuntu/14.04
- version/ubuntu/16.04
- version/ubuntu/18.04
- version/ubuntu/19.04