First published: Thu Oct 17 2019(Updated: )
A flaw was found in the Linux kernel's implementation of the RealTek wireless drivers WiFi-direct (or WiFi peer-to-peer) driver implementation. When the RealTek wireless networking hardware is configured to accept WiFi-Direct or WiFi P2P connections, an attacker within the wireless network connectivity radio range can exploit a flaw in the WiFi-direct protocol known as "Notice of Absence" by creating specially crafted frames which can then corrupt kernel memory as the upper bounds on the length of the frame is unchecked and supplied by the incoming packet.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/kernel | <0:2.6.32-754.29.1.el6 | 0:2.6.32-754.29.1.el6 |
redhat/kernel-rt | <0:3.10.0-1062.18.1.rt56.1044.el7 | 0:3.10.0-1062.18.1.rt56.1044.el7 |
redhat/kernel-alt | <0:4.14.0-115.18.1.el7a | 0:4.14.0-115.18.1.el7a |
redhat/kernel | <0:3.10.0-1062.18.1.el7 | 0:3.10.0-1062.18.1.el7 |
redhat/kernel | <0:3.10.0-327.85.1.el7 | 0:3.10.0-327.85.1.el7 |
redhat/kernel | <0:3.10.0-514.74.1.el7 | 0:3.10.0-514.74.1.el7 |
redhat/kernel | <0:3.10.0-693.65.1.el7 | 0:3.10.0-693.65.1.el7 |
redhat/kernel | <0:3.10.0-862.48.1.el7 | 0:3.10.0-862.48.1.el7 |
redhat/kernel | <0:3.10.0-957.48.1.el7 | 0:3.10.0-957.48.1.el7 |
redhat/kernel-rt | <0:4.18.0-147.5.1.rt24.98.el8_1 | 0:4.18.0-147.5.1.rt24.98.el8_1 |
redhat/kernel | <0:4.18.0-147.5.1.el8_1 | 0:4.18.0-147.5.1.el8_1 |
redhat/kernel | <0:4.18.0-80.16.1.el8_0 | 0:4.18.0-80.16.1.el8_0 |
redhat/kernel-rt | <1:3.10.0-693.65.1.rt56.663.el6 | 1:3.10.0-693.65.1.rt56.663.el6 |
Linux Linux kernel | <3.16.77 | |
Linux Linux kernel | >=3.17<4.4.199 | |
Linux Linux kernel | >=4.5<4.9.199 | |
Linux Linux kernel | >=4.10<4.14.152 | |
Linux Linux kernel | >=4.15<4.19.82 | |
Linux Linux kernel | >=4.20<5.2 | |
Linux Linux kernel | >=5.3<5.3.9 | |
Debian Debian Linux | =8.0 | |
Canonical Ubuntu Linux | =14.04 | |
Canonical Ubuntu Linux | =16.04 | |
Canonical Ubuntu Linux | =18.04 | |
Canonical Ubuntu Linux | =19.04 | |
Canonical Ubuntu Linux | =19.10 | |
redhat/kernel | <5.3.6 | 5.3.6 |
Google Android | ||
IBM Data Risk Manager | <=2.0.6 | |
debian/linux | 5.10.223-1 5.10.226-1 6.1.106-3 6.1.112-1 6.11.4-1 6.11.5-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Appears in the following advisories)