Vulnerability Details : CVE-2019-17666
rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow.
Vulnerability category: Overflow
Products affected by CVE-2019-17666
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2019-17666
0.27%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 50 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2019-17666
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
8.3
|
HIGH | AV:A/AC:L/Au:N/C:C/I:C/A:C |
6.5
|
10.0
|
NIST | |
|
8.8
|
HIGH | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
2.8
|
5.9
|
NIST |
CWE ids for CVE-2019-17666
-
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.Assigned by: nvd@nist.gov (Primary)
References for CVE-2019-17666
-
https://access.redhat.com/errata/RHSA-2020:0328
RHSA-2020:0328 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://access.redhat.com/errata/RHSA-2020:0740
RHSA-2020:0740 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://usn.ubuntu.com/4186-1/
USN-4186-1: Linux kernel vulnerabilities | Ubuntu security noticesThird Party Advisory
-
https://access.redhat.com/errata/RHSA-2020:0543
RHSA-2020:0543 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html
[SECURITY] [DLA 2114-1] linux-4.9 security updateThird Party Advisory
-
https://security.netapp.com/advisory/ntap-20191031-0005/
October 2019 Linux Kernel Vulnerabilities in NetApp Products | NetApp Product SecurityThird Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TRBP4O6D2SQ2NHCRHTJONGCZLWOIV5MN/
[SECURITY] Fedora 31 Update: kernel-5.3.7-301.fc31 - package-announce - Fedora Mailing-ListsMailing List;Third Party Advisory
-
https://access.redhat.com/errata/RHSA-2020:0339
RHSA-2020:0339 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://access.redhat.com/errata/RHSA-2020:0661
RHSA-2020:0661 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://twitter.com/nicowaisman/status/1184864519316758535
Nico Waisman on Twitter: "Found this bug on Monday. An overflow on the linux rtlwifi driver on P2P (Wifi-Direct), while parsing Notice of Absence frames. The bug has been around for at least 4 years hThird Party Advisory
-
https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html
[SECURITY] [DLA 2068-1] linux security updateThird Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00064.html
[security-announce] openSUSE-SU-2019:2392-1: important: Security updateMailing List;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00010.html
[security-announce] openSUSE-SU-2019:2444-1: important: Security updateMailing List;Third Party Advisory
-
https://usn.ubuntu.com/4184-1/
USN-4184-1: Linux kernel vulnerabilities | Ubuntu security noticesThird Party Advisory
-
https://arstechnica.com/information-technology/2019/10/unpatched-linux-flaw-may-let-attackers-crash-or-compromise-nearby-devices/
Unpatched Linux bug may open devices to serious attacks over Wi-Fi | Ars TechnicaThird Party Advisory
-
https://lkml.org/lkml/2019/10/16/1226
LKML: Laura Abbott: [PATCH] rtlwifi: Fix potential overflow on P2P codeMailing List;Patch;Third Party Advisory
-
https://usn.ubuntu.com/4185-1/
USN-4185-1: Linux kernel vulnerabilities | Ubuntu security noticesThird Party Advisory
-
https://usn.ubuntu.com/4186-2/
USN-4186-2: Linux kernel (Xenial HWE) vulnerabilities | Ubuntu security noticesThird Party Advisory
-
https://usn.ubuntu.com/4183-1/
USN-4183-1: Linux kernel vulnerabilities | Ubuntu security noticesThird Party Advisory
Jump to