vulnerability

Ubuntu: (Multiple Advisories) (CVE-2019-9500): Linux kernel vulnerabilities

Try Surface Command
Back to search
Severity
8
CVSS
(AV:A/AC:M/Au:N/C:C/I:C/A:C)
Published
May 14, 2019
Added
May 15, 2019
Modified
Nov 7, 2024

Description

The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d297990deff is vulnerable to a heap buffer overflow. If the Wake-up on Wireless LAN functionality is configured, a malicious event frame can be constructed to trigger an heap buffer overflow in the brcmf_wowl_nd_results function. This vulnerability can be exploited with compromised chipsets to compromise the host, or when used in combination with CVE-2019-9503, can be used remotely. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, this vulnerability will result in denial-of-service conditions.

Solution(s)

ubuntu-upgrade-linux-image-4-15-0-1013-oracleubuntu-upgrade-linux-image-4-15-0-1032-gcpubuntu-upgrade-linux-image-4-15-0-1034-kvmubuntu-upgrade-linux-image-4-15-0-1036-raspi2ubuntu-upgrade-linux-image-4-15-0-1038-oemubuntu-upgrade-linux-image-4-15-0-1039-awsubuntu-upgrade-linux-image-4-15-0-1045-azureubuntu-upgrade-linux-image-4-15-0-1053-snapdragonubuntu-upgrade-linux-image-4-15-0-50-genericubuntu-upgrade-linux-image-4-15-0-50-generic-lpaeubuntu-upgrade-linux-image-4-15-0-50-lowlatencyubuntu-upgrade-linux-image-4-18-0-1011-gcpubuntu-upgrade-linux-image-4-18-0-1012-kvmubuntu-upgrade-linux-image-4-18-0-1014-raspi2ubuntu-upgrade-linux-image-4-18-0-1016-awsubuntu-upgrade-linux-image-4-18-0-1018-azureubuntu-upgrade-linux-image-4-18-0-20-genericubuntu-upgrade-linux-image-4-18-0-20-generic-lpaeubuntu-upgrade-linux-image-4-18-0-20-lowlatencyubuntu-upgrade-linux-image-4-18-0-20-snapdragonubuntu-upgrade-linux-image-5-0-0-1006-awsubuntu-upgrade-linux-image-5-0-0-1006-azureubuntu-upgrade-linux-image-5-0-0-1006-gcpubuntu-upgrade-linux-image-5-0-0-1006-kvmubuntu-upgrade-linux-image-5-0-0-1008-raspi2ubuntu-upgrade-linux-image-5-0-0-15-genericubuntu-upgrade-linux-image-5-0-0-15-generic-lpaeubuntu-upgrade-linux-image-5-0-0-15-lowlatencyubuntu-upgrade-linux-image-awsubuntu-upgrade-linux-image-azureubuntu-upgrade-linux-image-gcpubuntu-upgrade-linux-image-genericubuntu-upgrade-linux-image-generic-hwe-16-04ubuntu-upgrade-linux-image-generic-hwe-18-04ubuntu-upgrade-linux-image-generic-lpaeubuntu-upgrade-linux-image-generic-lpae-hwe-16-04ubuntu-upgrade-linux-image-generic-lpae-hwe-18-04ubuntu-upgrade-linux-image-gkeubuntu-upgrade-linux-image-kvmubuntu-upgrade-linux-image-lowlatencyubuntu-upgrade-linux-image-lowlatency-hwe-16-04ubuntu-upgrade-linux-image-lowlatency-hwe-18-04ubuntu-upgrade-linux-image-oemubuntu-upgrade-linux-image-oracleubuntu-upgrade-linux-image-powerpc-e500mcubuntu-upgrade-linux-image-powerpc-smpubuntu-upgrade-linux-image-powerpc64-embubuntu-upgrade-linux-image-powerpc64-smpubuntu-upgrade-linux-image-raspi2ubuntu-upgrade-linux-image-snapdragonubuntu-upgrade-linux-image-snapdragon-hwe-18-04ubuntu-upgrade-linux-image-virtualubuntu-upgrade-linux-image-virtual-hwe-16-04ubuntu-upgrade-linux-image-virtual-hwe-18-04

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today