CVE-2019-10126
high-risk
Published 2019-06-14
A flaw was found in the Linux kernel. A heap-based buffer overflow in the mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c might lead to memory corruption and possibly other consequences.
Do I need to act?
3.2% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
Not on CISA KEV list
No confirmed active exploitation reported to CISA
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
CVSS 9.8/10
Critical
NETWORK / LOW complexity
Affected Products (20)
References (54)
Third Party Advisory
http://packetstormsecurity.com/files/154245/Kernel-Live-Patch-Security-Notice-LS...
Third Party Advisory
http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LS...
Broken Link
http://www.securityfocus.com/bid/108817
Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:3055
Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:3076
Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:3089
Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:3309
Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:3517
Third Party Advisory
https://access.redhat.com/errata/RHSA-2020:0174
Third Party Advisory
https://access.redhat.com/errata/RHSA-2020:0204
Issue Tracking
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10126
Mailing List
https://seclists.org/bugtraq/2019/Jul/33
Mailing List
https://seclists.org/bugtraq/2019/Jun/26
Third Party Advisory
https://security.netapp.com/advisory/ntap-20190710-0002/
Third Party Advisory
https://support.f5.com/csp/article/K95593121
and 34 more references
62 / 100
high-risk
Severity
32/34 · Critical
Exploitability
6/34 · Minimal
Exposure
24/34 · High