Oval Definition:oval:com.ubuntu.disco:def:2019149010000000
Revision Date:2019-11-29Version:1
Title:CVE-2019-14901 on Ubuntu 19.04 (disco) - medium.
Description:A heap overflow flaw was found in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The vulnerability allows a remote attacker to cause a system crash, resulting in a denial of service, or execute arbitrary code. The highest threat with this vulnerability is with the availability of the system. If code execution occurs, the code will run with the permissions of root. This will affect both confidentiality and integrity of files on the system. It was discovered that a heap-based buffer overflow existed in the Marvell WiFi-Ex Driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2019-14901
Platform(s):Ubuntu 19.04
Product(s):
Definition Synopsis
  • Ubuntu 19.04 (disco) is installed.
  • AND Package Information
  • linux package in disco was vulnerable but has been fixed (note: '5.0.0-38.41').
  • OR linux-aws package in disco was vulnerable but has been fixed (note: '5.0.0-1023.26').
  • OR linux-azure package in disco was vulnerable but has been fixed (note: '5.0.0-1028.30').
  • OR linux-gcp package in disco was vulnerable but has been fixed (note: '5.0.0-1028.29').
  • OR linux-kvm package in disco was vulnerable but has been fixed (note: '5.0.0-1024.26').
  • OR linux-meta package in disco was vulnerable but has been fixed (note: '5.0.0-38.41').
  • OR linux-meta-aws package in disco was vulnerable but has been fixed (note: '5.0.0-1023.26').
  • OR linux-meta-azure package in disco was vulnerable but has been fixed (note: '5.0.0-1028.30').
  • OR linux-meta-gcp package in disco was vulnerable but has been fixed (note: '5.0.0-1028.29').
  • OR linux-meta-kvm package in disco was vulnerable but has been fixed (note: '5.0.0-1024.26').
  • OR linux-meta-oem package in disco is affected and needs fixing.
  • OR linux-meta-oem-osp1 package in disco is affected and needs fixing.
  • OR linux-meta-oracle package in disco was vulnerable but has been fixed (note: '5.0.0-1009.14').
  • OR linux-meta-raspi2 package in disco was vulnerable but has been fixed (note: '5.0.0-1024.25').
  • OR linux-oem package in disco is affected and needs fixing.
  • OR linux-oem-osp1 package in disco is affected and needs fixing.
  • OR linux-oracle package in disco was vulnerable but has been fixed (note: '5.0.0-1009.14').
  • OR linux-raspi2 package in disco was vulnerable but has been fixed (note: '5.0.0-1024.25').
  • OR linux-signed package in disco was vulnerable but has been fixed (note: '5.0.0-38.41').
  • OR linux-signed-azure package in disco was vulnerable but has been fixed (note: '5.0.0-1028.30').
  • OR linux-signed-gcp package in disco was vulnerable but has been fixed (note: '5.0.0-1028.29').
  • OR linux-signed-oem package in disco is affected and needs fixing.
  • OR linux-signed-oem-osp1 package in disco is affected and needs fixing.
  • OR linux-signed-oracle package in disco was vulnerable but has been fixed (note: '5.0.0-1009.14').
  • OR linux-snapdragon package in disco is affected. An update containing the fix has been completed and is pending publication (note: '5.0.0-1028.30').
    • BACK