CVE-2019-17666: Buffer Overflow
First published: Thu Oct 17 2019(Updated: )
A flaw was found in the Linux kernel's implementation of the RealTek wireless drivers WiFi-direct (or WiFi peer-to-peer) driver implementation. When the RealTek wireless networking hardware is configured to accept WiFi-Direct or WiFi P2P connections, an attacker within the wireless network connectivity radio range can exploit a flaw in the WiFi-direct protocol known as "Notice of Absence" by creating specially crafted frames which can then corrupt kernel memory as the upper bounds on the length of the frame is unchecked and supplied by the incoming packet.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/kernel | <0:2.6.32-754.29.1.el6 | 0:2.6.32-754.29.1.el6 |
| redhat/kernel-rt | <0:3.10.0-1062.18.1.rt56.1044.el7 | 0:3.10.0-1062.18.1.rt56.1044.el7 |
| redhat/kernel-alt | <0:4.14.0-115.18.1.el7a | 0:4.14.0-115.18.1.el7a |
| redhat/kernel | <0:3.10.0-1062.18.1.el7 | 0:3.10.0-1062.18.1.el7 |
| redhat/kernel | <0:3.10.0-327.85.1.el7 | 0:3.10.0-327.85.1.el7 |
| redhat/kernel | <0:3.10.0-514.74.1.el7 | 0:3.10.0-514.74.1.el7 |
| redhat/kernel | <0:3.10.0-693.65.1.el7 | 0:3.10.0-693.65.1.el7 |
| redhat/kernel | <0:3.10.0-862.48.1.el7 | 0:3.10.0-862.48.1.el7 |
| redhat/kernel | <0:3.10.0-957.48.1.el7 | 0:3.10.0-957.48.1.el7 |
| redhat/kernel-rt | <0:4.18.0-147.5.1.rt24.98.el8_1 | 0:4.18.0-147.5.1.rt24.98.el8_1 |
| redhat/kernel | <0:4.18.0-147.5.1.el8_1 | 0:4.18.0-147.5.1.el8_1 |
| redhat/kernel | <0:4.18.0-80.16.1.el8_0 | 0:4.18.0-80.16.1.el8_0 |
| redhat/kernel-rt | <1:3.10.0-693.65.1.rt56.663.el6 | 1:3.10.0-693.65.1.rt56.663.el6 |
| redhat/kernel | <5.3.6 | 5.3.6 |
| IBM Data Risk Manager | <=2.0.6 | |
| Linux kernel | <3.16.77 | |
| Linux kernel | >=3.17<4.4.199 | |
| Linux kernel | >=4.5<4.9.199 | |
| Linux kernel | >=4.10<4.14.152 | |
| Linux kernel | >=4.15<4.19.82 | |
| Linux kernel | >=4.20<5.2 | |
| Linux kernel | >=5.3<5.3.9 | |
| Debian | =8.0 | |
| Ubuntu Linux | =14.04 | |
| Ubuntu Linux | =16.04 | |
| Ubuntu Linux | =18.04 | |
| Ubuntu Linux | =19.04 | |
| Ubuntu Linux | =19.10 | |
| Android | ||
| Linux Kernel | <3.16.77 | |
| Linux Kernel | >=3.17<4.4.199 | |
| Linux Kernel | >=4.5<4.9.199 | |
| Linux Kernel | >=4.10<4.14.152 | |
| Linux Kernel | >=4.15<4.19.82 | |
| Linux Kernel | >=4.20<5.2 | |
| Linux Kernel | >=5.3<5.3.9 | |
| Ubuntu | =14.04 | |
| Ubuntu | =16.04 | |
| Ubuntu | =18.04 | |
| Ubuntu | =19.04 | |
| Ubuntu | =19.10 | |
| debian/linux | 5.10.223-1 5.10.234-1 6.1.123-1 6.1.128-1 6.12.12-1 6.12.17-1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.cve.org/CVERecord?id=CVE-2019-17666 https://nvd.nist.gov/vuln/detail/CVE-2019-17666 https://arstechnica.com/information-technology/2019/10/unpatched-linux-flaw-may-let-attackers-crash-or-compromise-nearby-devices/ https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8c55dedb795be8ec0cf488f98c03a1c2176f7fb1
- https://bugzilla.redhat.com/show_bug.cgi?id=1763690
- https://access.redhat.com/errata/RHSA-2020:1524
- https://access.redhat.com/errata/RHSA-2020:0839
- https://access.redhat.com/errata/RHSA-2020:0740
- https://access.redhat.com/errata/RHSA-2020:0834
- https://access.redhat.com/errata/RHSA-2020:0661
- https://access.redhat.com/errata/RHSA-2020:1473
- https://access.redhat.com/errata/RHSA-2020:1347
- https://access.redhat.com/errata/RHSA-2020:0543
- https://access.redhat.com/errata/RHSA-2020:1465
- https://access.redhat.com/errata/RHSA-2020:0328
- https://access.redhat.com/errata/RHSA-2020:0339
- https://access.redhat.com/errata/RHSA-2020:0831
- https://access.redhat.com/errata/RHSA-2020:1353
- https://access.redhat.com/security/cve/cve-2019-17666
- http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00064.html
- http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00010.html
- https://arstechnica.com/information-technology/2019/10/unpatched-linux-flaw-may-let-attackers-crash-or-compromise-nearby-devices/
- https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html
- https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TRBP4O6D2SQ2NHCRHTJONGCZLWOIV5MN/
- https://lkml.org/lkml/2019/10/16/1226
- https://security.netapp.com/advisory/ntap-20191031-0005/
- https://twitter.com/nicowaisman/status/1184864519316758535
- https://usn.ubuntu.com/4183-1/
- https://usn.ubuntu.com/4184-1/
- https://usn.ubuntu.com/4185-1/
- https://usn.ubuntu.com/4186-1/
- https://usn.ubuntu.com/4186-2/
- https://launchpad.net/bugs/cve/CVE-2019-17666
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1763692
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8c55dedb795be8ec0cf488f98c03a1c2176f7fb1
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TRBP4O6D2SQ2NHCRHTJONGCZLWOIV5MN/
- https://android.googlesource.com/kernel/common/+/ee33af324931688a75bcc741f1b6cfbeb4584596
- https://source.android.com/docs/security/bulletin/2020-01-01 (Advisory)
- https://exchange.xforce.ibmcloud.com/vulnerabilities/169487
- https://www.ibm.com/support/pages/node/6335281 (Advisory)
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17666
- https://nvd.nist.gov/vuln/detail/CVE-2019-17666
- https://security-tracker.debian.org/tracker/CVE-2019-17666
- https://ubuntu.com/security/CVE-2019-17666
Parent vulnerabilities
(Appears in the following advisories)
Frequently Asked Questions
What is the severity of CVE-2019-17666?
CVE-2019-17666 has a severity rating of high due to its potential to allow unauthorized access to sensitive data or network resources.
How do I fix CVE-2019-17666?
To fix CVE-2019-17666, update the kernel to the latest version available as specified in the security patches provided by your distribution.
Which versions of the Linux kernel are affected by CVE-2019-17666?
CVE-2019-17666 affects various versions of the Linux kernel including 2.6.32, 3.10, and certain 4.x versions.
Can CVE-2019-17666 exploit be mitigated?
Mitigation for CVE-2019-17666 can be achieved by disabling WiFi-Direct functionality if it is not required.
Is there a public proof of concept for CVE-2019-17666?
Currently, there are no widely known public proofs of concept for CVE-2019-17666.
- collector/redhat-cve
- agent/type
- collector/launchpad-cve
- source/Launchpad
- agent/severity
- agent/weakness
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2019-17666
- agent/software-canonical-lookup
- collector/ibm-support
- source/IBM
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/remedy
- agent/first-publish-date
- agent/last-modified-date
- agent/trending
- agent/source
- agent/author
- collector/usn-cve
- source/Ubuntu
- agent/description
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/android-source
- source/Android
- agent/softwarecombine
- agent/tags
- agent/event
- collector/nvd-cve
- source/NVD
- collector/security-tracker-debian
- source/Debian
- package-manager/redhat
- vendor/ibm
- canonical/ibm data risk manager
- version/ibm data risk manager/2.0.6
- vendor/linux
- canonical/linux kernel
- version/linux kernel/3.17
- version/linux kernel/4.5
- version/linux kernel/4.10
- version/linux kernel/4.15
- version/linux kernel/4.20
- version/linux kernel/5.3
- vendor/debian
- canonical/debian
- version/debian/8.0
- vendor/canonical
- canonical/ubuntu linux
- version/ubuntu linux/14.04
- version/ubuntu linux/16.04
- version/ubuntu linux/18.04
- version/ubuntu linux/19.04
- version/ubuntu linux/19.10
- vendor/google
- canonical/android
- canonical/ubuntu
- version/ubuntu/14.04
- version/ubuntu/16.04
- version/ubuntu/18.04
- version/ubuntu/19.04
- version/ubuntu/19.10
- package-manager/debian