CVE-2019-14897

Related Files

Kernel Live Patch Security Notice LSN-0062-1

Posted Feb 3, 2020

Authored by Benjamin M. Romer

It was discovered that the binder IPC implementation in the Linux kernel did not properly perform bounds checking in some situations, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local

systems | linux

advisories | CVE-2019-14615, CVE-2019-14895, CVE-2019-14896, CVE-2019-14897, CVE-2019-14901, CVE-2019-18885, CVE-2019-2214

SHA-256 | dd9eb8a13d06fc9ad56d7a4bb1f0a271663ad5edcf7bf6387c09481d3c8486e9

Download | Favorite | View

Kernel Live Patch Security Notice LSN-0061-1

Posted Jan 8, 2020

Authored by Benjamin M. Romer

It was discovered that a heap-based buffer overflow existed in the Marvell WiFi-Ex Driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. It was discovered that a heap-based buffer overflow existed in the Marvell Libertas WLAN Driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel

systems | linux

advisories | CVE-2019-14895, CVE-2019-14896, CVE-2019-14897, CVE-2019-14901, CVE-2019-15794

SHA-256 | 7a78ab2637b0c415c10d8aece2f49d7cb0ffca96812fc550881491945ac50eac

Download | Favorite | View