{"containers": {"cna": {"affected": [{"product": "kernel", "vendor": "Linux", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver."}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-122", "description": "CWE-122", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-03-02T19:06:57", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/torvalds/linux/commit/7caac62ed598a196d6ddf8d9c121e12e082cac3a"}, {"tags": ["x_refsource_MISC"], "url": "https://access.redhat.com/security/cve/cve-2019-14815"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14815"}, {"tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://www.openwall.com/lists/oss-security/2019/08/28/1"}, {"tags": ["x_refsource_MISC"], "url": "https://lore.kernel.org/linux-wireless/20190828020751.13625-1-huangwenabc%40gmail.com"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://security.netapp.com/advisory/ntap-20200103-0001/"}, {"name": "RHSA-2020:0174", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2020:0174"}, {"name": "RHSA-2020:0328", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2020:0328"}, {"name": "RHSA-2020:0339", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2020:0339"}, {"name": "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T00:26:38.908Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/torvalds/linux/commit/7caac62ed598a196d6ddf8d9c121e12e082cac3a"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://access.redhat.com/security/cve/cve-2019-14815"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14815"}, {"tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://www.openwall.com/lists/oss-security/2019/08/28/1"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://lore.kernel.org/linux-wireless/20190828020751.13625-1-huangwenabc%40gmail.com"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://security.netapp.com/advisory/ntap-20200103-0001/"}, {"name": "RHSA-2020:0174", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2020:0174"}, {"name": "RHSA-2020:0328", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2020:0328"}, {"name": "RHSA-2020:0339", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2020:0339"}, {"name": "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2019-14815", "datePublished": "2019-11-25T10:51:15", "dateReserved": "2019-08-10T00:00:00", "dateUpdated": "2024-08-05T00:26:38.908Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "2C65CE90-5501-47F6-8BFC-3830DB93E589", "versionEndExcluding": "4.14.146", "versionStartIncluding": "4.10", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "9AA60C22-26FE-4EF4-A601-BA1D3D34BF19", "versionEndExcluding": "4.19.75", "versionStartIncluding": "4.15", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "CD5B11F2-8CE8-4114-BF86-ECA38F11FD5D", "versionEndExcluding": "5.2.17", "versionStartIncluding": "4.20", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_eus:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "445D0C8B-E07B-4F58-9F88-D5B244DAF41B", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_eus:8.2:*:*:*:*:*:*:*", "matchCriteriaId": "860EA789-CC44-409C-882D-4FC4CAB42912", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_eus:8.4:*:*:*:*:*:*:*", "matchCriteriaId": "B399239A-5211-4174-9A47-A71DBA786426", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_eus:8.6:*:*:*:*:*:*:*", "matchCriteriaId": "8BE16CC2-C6B4-4B73-98A1-F28475A92F49", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "0DEA6297-5FDB-473C-96EA-3A2506D149A1", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:8.2:*:*:*:*:*:*:*", "matchCriteriaId": "CA736720-2D58-4E10-B40A-CF76586D6990", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:8.4:*:*:*:*:*:*:*", "matchCriteriaId": "58D2C068-2FF0-4FAB-8317-3ABC6EF8B988", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:8.6:*:*:*:*:*:*:*", "matchCriteriaId": "845B853C-8F99-4987-AA8E-76078CE6A977", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*", "matchCriteriaId": "AA9B3CC0-DF1C-4A86-B2A3-A9D428A5A6E6", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_\\(structure_a\\):7_s390x:*:*:*:*:*:*:*", "matchCriteriaId": "6207D51C-883B-4B65-B9BF-408197839BE5", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "280D547B-F204-4848-9262-A103176B740C", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.2:*:*:*:*:*:*:*", "matchCriteriaId": "0AB105EC-19F9-424A-86F1-305A6FD74A9C", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.4:*:*:*:*:*:*:*", "matchCriteriaId": "8C9BD9AE-46FC-4609-8D99-A3CFE91D58D1", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.6:*:*:*:*:*:*:*", "matchCriteriaId": "9EF5C4AC-CA69-41E3-AD93-7AC21931374A", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time:8:*:*:*:*:*:*:*", "matchCriteriaId": "CBF9BCF3-187F-410A-96CA-9C47D3ED6924", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:8:*:*:*:*:*:*:*", "matchCriteriaId": "E5CB3640-F55B-4127-875A-2F52D873D179", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.2:*:*:*:*:*:*:*", "matchCriteriaId": "77C61DDC-81F3-4E2D-9CAA-17A256C85443", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.4:*:*:*:*:*:*:*", "matchCriteriaId": "B6B0DA79-DF12-4418-B075-F048C9E2979A", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.6:*:*:*:*:*:*:*", "matchCriteriaId": "6D5DE3C5-B090-4CE7-9AF2-DEB379D7D5FC", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.2:*:*:*:*:*:*:*", "matchCriteriaId": "B92409A9-0D6B-4B7E-8847-1B63837D201F", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.4:*:*:*:*:*:*:*", "matchCriteriaId": "C5C5860E-9FEB-4259-92FD-A85911E2F99E", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.6:*:*:*:*:*:*:*", "matchCriteriaId": "CCE99A08-D6F7-4937-8154-65062BC88009", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*", "matchCriteriaId": "6897676D-53F9-45B3-B27F-7FF9A4C58D33", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*", "matchCriteriaId": "E28F226A-CBC7-4A32-BE58-398FA5B42481", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*", "matchCriteriaId": "76C24D94-834A-4E9D-8F73-624AFA99AAA2", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*", "matchCriteriaId": "B09ACF2D-D83F-4A86-8185-9569605D8EE1", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*", "matchCriteriaId": "AC10D919-57FD-4725-B8D2-39ECB476902F", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*", "matchCriteriaId": "1272DF03-7674-4BD4-8E64-94004B195448", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:netapp:altavault:-:*:*:*:*:*:*:*", "matchCriteriaId": "4E878102-1EA0-4D83-9F36-955DCF902211", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:hci:-:*:*:*:*:*:*:*", "matchCriteriaId": "8A6E548F-62E9-40CB-85DA-FDAA0F0096C6", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*", "matchCriteriaId": "A6E9EF0C-AFA8-4F7B-9FDC-1E0F7C26E737", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:steelstore:-:*:*:*:*:*:*:*", "matchCriteriaId": "0DF5449D-22D2-48B4-8F50-57B43DCB15B9", "vulnerable": true}, {"criteria": "cpe:2.3:h:netapp:baseboard_management_controller:-:*:*:*:*:*:*:*", "matchCriteriaId": "F6F9B955-EBB6-4297-8AA0-790CC36122B9", "vulnerable": true}, {"criteria": "cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "FB9B8171-F6CA-427D-81E0-6536D3BBFA8D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver."}, {"lang": "es", "value": "Se encontr\u00f3 una vulnerabilidad en Linux Kernel, donde se encontr\u00f3 un desbordamiento de pila en la funci\u00f3n mwifiex_set_wmm_params () del controlador Marvell Wifi."}], "id": "CVE-2019-14815", "lastModified": "2023-07-13T13:33:05.560", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "secalert@redhat.com", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-11-25T11:15:11.260", "references": [{"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2020:0174"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2020:0328"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2020:0339"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/security/cve/cve-2019-14815"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14815"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://github.com/torvalds/linux/commit/7caac62ed598a196d6ddf8d9c121e12e082cac3a"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Mailing List", "Patch", "Vendor Advisory"], "url": "https://lore.kernel.org/linux-wireless/20190828020751.13625-1-huangwenabc%40gmail.com"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20200103-0001/"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "https://www.openwall.com/lists/oss-security/2019/08/28/1"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-122"}], "source": "secalert@redhat.com", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Secondary"}]}

{"acknowledgement": "Red Hat would like to thank Huangwen (ADLab of Venustech) for reporting this issue.", "affected_release": [{"advisory": "RHSA-2020:1070", "cpe": "cpe:/a:redhat:rhel_extras_rt:7", "package": "kernel-rt-0:3.10.0-1127.rt56.1093.el7", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2020-03-31T00:00:00Z"}, {"advisory": "RHSA-2020:0174", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "kernel-alt-0:4.14.0-115.17.1.el7a", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2020-01-21T00:00:00Z"}, {"advisory": "RHSA-2020:1016", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "kernel-0:3.10.0-1127.el7", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2020-03-31T00:00:00Z"}, {"advisory": "RHSA-2020:0328", "cpe": "cpe:/a:redhat:enterprise_linux:8::nfv", "package": "kernel-rt-0:4.18.0-147.5.1.rt24.98.el8_1", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2020-02-04T00:00:00Z"}, {"advisory": "RHSA-2020:0339", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "kernel-0:4.18.0-147.5.1.el8_1", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2020-02-04T00:00:00Z"}], "bugzilla": {"description": "kernel: heap-overflow in mwifiex_set_wmm_params() function of Marvell WiFi driver leading to DoS", "id": "1744137", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1744137"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.8", "cvss3_scoring_vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-122", "details": ["A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver.", "A vulnerability found in the Linux kernel's WMM implementation for Marvell WiFi-based hardware (mwifiex) could lead to a denial of service or allow arbitrary code execution. For this flaw to be executed, the attacker must be both local and privileged. There is no mitigation to this flaw. A patch has been provided to remediate this flaw."], "name": "CVE-2019-14815", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/a:redhat:enterprise_mrg:2", "fix_state": "Will not fix", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise MRG 2"}], "public_date": "2019-08-28T10:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2019-14815\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-14815"], "threat_severity": "Moderate"}