CVE-2019-3846
03.06.2019, 19:29
A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network.Enginsight
| Vendor | Product | Version |
|---|---|---|
| linux | linux_kernel | 3.0 ≤ 𝑥 < 3.16.70 |
| linux | linux_kernel | 3.17 ≤ 𝑥 < 4.4.186 |
| linux | linux_kernel | 4.5 ≤ 𝑥 < 4.9.186 |
| linux | linux_kernel | 4.10 ≤ 𝑥 < 4.14.134 |
| linux | linux_kernel | 4.15 ≤ 𝑥 < 4.19.59 |
| linux | linux_kernel | 4.20 ≤ 𝑥 < 5.1.18 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux | 7.0 |
| redhat | enterprise_linux | 8.0 |
| canonical | ubuntu_linux | 14.04 |
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| canonical | ubuntu_linux | 19.04 |
| netapp | a700s_firmware | - |
| netapp | cn1610_firmware | - |
| netapp | h610s_firmware | - |
| netapp | active_iq_unified_manager_for_vmware_vsphere | 9.5 ≤ |
| netapp | hci_management_node | - |
| netapp | solidfire | - |
| debian | debian_linux | 8.0 |
| debian | debian_linux | 9.0 |
| opensuse | leap | 15.0 |
| opensuse | leap | 15.1 |
| opensuse | leap | 42.3 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Ubuntu Product | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| linux |
| ||||||||||||
| linux-aws |
| ||||||||||||
| linux-aws-5.0 |
| ||||||||||||
| linux-aws-hwe |
| ||||||||||||
| linux-azure |
| ||||||||||||
| linux-azure-5.3 |
| ||||||||||||
| linux-azure-edge |
| ||||||||||||
| linux-euclid |
| ||||||||||||
| linux-flo |
| ||||||||||||
| linux-gcp |
| ||||||||||||
| linux-gcp-5.3 |
| ||||||||||||
| linux-gcp-edge |
| ||||||||||||
| linux-gke |
| ||||||||||||
| linux-gke-4.15 |
| ||||||||||||
| linux-gke-5.0 |
| ||||||||||||
| linux-goldfish |
| ||||||||||||
| linux-grouper |
| ||||||||||||
| linux-hwe |
| ||||||||||||
| linux-hwe-edge |
| ||||||||||||
| linux-kvm |
| ||||||||||||
| linux-lts-trusty |
| ||||||||||||
| linux-lts-utopic |
| ||||||||||||
| linux-lts-vivid |
| ||||||||||||
| linux-lts-wily |
| ||||||||||||
| linux-lts-xenial |
| ||||||||||||
| linux-maguro |
| ||||||||||||
| linux-mako |
| ||||||||||||
| linux-manta |
| ||||||||||||
| linux-oem |
| ||||||||||||
| linux-oem-5.4 |
| ||||||||||||
| linux-oem-osp1 |
| ||||||||||||
| linux-oracle |
| ||||||||||||
| linux-oracle-5.0 |
| ||||||||||||
| linux-raspi2 |
| ||||||||||||
| linux-raspi2-5.3 |
| ||||||||||||
| linux-snapdragon |
|
Common Weakness Enumeration
- CWE-122 - Heap-based Buffer OverflowA heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().
- CWE-787 - Out-of-bounds WriteThe software writes data past the end, or before the beginning, of the intended buffer.
References