CVE-2019-15926
high-risk
Published 2019-09-04
An issue was discovered in the Linux kernel before 5.2.3. Out of bounds access exists in the functions ath6kl_wmi_pstream_timeout_event_rx and ath6kl_wmi_cac_event_rx in the file drivers/net/wireless/ath/ath6kl/wmi.c.
Do I need to act?
~
6.0% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.1/10
Critical
NETWORK
/ LOW complexity
Affected Products (5)
References (24)
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html
Third Party Advisory
https://security.netapp.com/advisory/ntap-20191004-0001/
Third Party Advisory
https://support.f5.com/csp/article/K32034450
Third Party Advisory
https://usn.ubuntu.com/4145-1/
Third Party Advisory
https://usn.ubuntu.com/4147-1/
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html
Third Party Advisory
https://security.netapp.com/advisory/ntap-20191004-0001/
and 4 more references
52
/ 100
high-risk
Severity
31/34 · Critical
Exploitability
9/34 · Low
Exposure
12/34 · Low