CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
30.7%
A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver.
Vendor | Product | Version | CPE |
---|---|---|---|
linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
redhat | codeready_linux_builder_eus | 8.1 | cpe:2.3:a:redhat:codeready_linux_builder_eus:8.1:*:*:*:*:*:*:* |
redhat | codeready_linux_builder_eus | 8.2 | cpe:2.3:a:redhat:codeready_linux_builder_eus:8.2:*:*:*:*:*:*:* |
redhat | codeready_linux_builder_eus | 8.4 | cpe:2.3:a:redhat:codeready_linux_builder_eus:8.4:*:*:*:*:*:*:* |
redhat | codeready_linux_builder_eus | 8.6 | cpe:2.3:a:redhat:codeready_linux_builder_eus:8.6:*:*:*:*:*:*:* |
redhat | codeready_linux_builder_for_power_little_endian_eus | 8.1 | cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:8.1:*:*:*:*:*:*:* |
redhat | codeready_linux_builder_for_power_little_endian_eus | 8.2 | cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:8.2:*:*:*:*:*:*:* |
redhat | codeready_linux_builder_for_power_little_endian_eus | 8.4 | cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:8.4:*:*:*:*:*:*:* |
redhat | codeready_linux_builder_for_power_little_endian_eus | 8.6 | cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:8.6:*:*:*:*:*:*:* |
redhat | enterprise_linux | 5 | cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:* |
access.redhat.com/errata/RHSA-2020:0174
access.redhat.com/errata/RHSA-2020:0328
access.redhat.com/errata/RHSA-2020:0339
access.redhat.com/security/cve/cve-2019-14815
bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14815
github.com/torvalds/linux/commit/7caac62ed598a196d6ddf8d9c121e12e082cac3a
lists.debian.org/debian-lts-announce/2020/03/msg00001.html
lore.kernel.org/linux-wireless/20190828020751.13625-1-huangwenabc%40gmail.com
security.netapp.com/advisory/ntap-20200103-0001/
www.openwall.com/lists/oss-security/2019/08/28/1
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
30.7%