Denial of service

2019-12-2319:15:00

PRIOn knowledge base

www.prio-n.com

6.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

46.9%

JSON

An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this vulnerability by triggering AP to send IAPP location updates for stations before the required authentication process has completed. This could lead to different denial-of-service scenarios, either by causing CAM table attacks, or by leading to traffic flapping if faking already existing clients in other nearby APs of the same wireless infrastructure. An attacker can forge Authentication and Association Request packets to trigger this vulnerability.

CPENameOperatorVersion
ubuntu_linuxeq18.04
ubuntu_linuxeq14.04
ubuntu_linuxeq16.04
debian_linuxeq8.0
debian_linuxeq9.0
linux_kernellt5.3
e-series_santricity_os_controllerge11.0.0
e-series_santricity_os_controllerle11.70.1
sd-wan_edgeeq8.2

Name	Operator	Version
ubuntu_linux	eq	18.04
ubuntu_linux	eq	14.04
ubuntu_linux	eq	16.04
debian_linux	eq	8.0
debian_linux	eq	9.0
linux_kernel	lt	5.3
e-series_santricity_os_controller	ge	11.0.0
e-series_santricity_os_controller	le	11.70.1
sd-wan_edge	eq	8.2