CVE-2019-14897 MEDIUM

CVE-2019-14897

Vendor Red Hat
Product kernel
Weakness CWE-121
Published November 29, 2019
Last update August 5, 2024

CVSS base score

6.6/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

What the vulnerability does

01Description

A stack-based buffer overflow was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. An attacker is able to cause a denial of service (system crash) or, possibly execute arbitrary code, when a STA works in IBSS mode (allows connecting stations together without the use of an AP) and connects to another STA.

Key dates

02Disclosure timeline

November 29, 2019 CVE published
August 5, 2024 Record updated