VIR Vulnerability Intelligence Relay

CVE-2019-14895

unknown
Published — · Modified —
CVSS v3
VIR risk

Description

A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The flaw could occur when the station attempts a connection negotiation during the handling of the remote devices country settings. This could allow the remote device to cause a denial of service (system crash) or possibly execute arbitrary code.

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.

OS impact
OSVersionStatusFixed in
suse slesaffected
debian debianbookwormfixed5.4.13-1
debian debianbullseyefixed5.4.13-1
debian debianforkyfixed5.4.13-1
debian debiansidfixed5.4.13-1
debian debiantrixiefixed5.4.13-1

References

💬 Discuss CVE-2019-14895 on VIR Community →

Community-verified mitigations for this CVE will appear above when contributors publish them.

Verify integrity in audit chain (admin only). AS-IS.