CVE-2019-3846

Published: Jun 3, 2019

Modified: Aug 4, 2024

PUBLISHED

CVSS v3.0

8.0

HIGH

Description

A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network.

Vendor	Product	Versions
n/a	kernel	affected `n/a`

Weaknesses (CWE)

CWE-122

CVSS v3.0 Details

CVSS v3.0 Vector

CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector

Adjacent

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

References

https://seclists.org/oss-sec/2019/q2/133

x_refsource_MISC

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3846

x_refsource_CONFIRM

FEDORA-2019-7ec378191e

vendor-advisory

x_refsource_FEDORA

FEDORA-2019-f40bd7826f

vendor-advisory

x_refsource_FEDORA

DSA-4465

vendor-advisory

x_refsource_DEBIAN

[debian-lts-announce] 20190617 [SECURITY] [DLA 1823-1] linux security update

mailing-list

x_refsource_MLIST

[debian-lts-announce] 20190618 [SECURITY] [DLA 1824-1] linux-4.9 security update

mailing-list

x_refsource_MLIST

openSUSE-SU-2019:1570

vendor-advisory

x_refsource_SUSE

openSUSE-SU-2019:1571

vendor-advisory

x_refsource_SUSE

20190618 [SECURITY] [DSA 4465-1] linux security update

mailing-list

x_refsource_BUGTRAQ

openSUSE-SU-2019:1579

vendor-advisory

x_refsource_SUSE

https://security.netapp.com/advisory/ntap-20190710-0002/

x_refsource_CONFIRM

20190722 [slackware-security] Slackware 14.2 kernel (SSA:2019-202-01)

mailing-list

x_refsource_BUGTRAQ

http://packetstormsecurity.com/files/153702/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html

x_refsource_MISC

USN-4093-1

vendor-advisory

x_refsource_UBUNTU

USN-4094-1

vendor-advisory

x_refsource_UBUNTU

USN-4095-2

vendor-advisory

x_refsource_UBUNTU

USN-4095-1

vendor-advisory

x_refsource_UBUNTU

http://packetstormsecurity.com/files/154245/Kernel-Live-Patch-Security-Notice-LSN-0054-1.html

x_refsource_MISC

USN-4117-1

vendor-advisory

x_refsource_UBUNTU

USN-4118-1

vendor-advisory

x_refsource_UBUNTU

RHSA-2019:2703

vendor-advisory

x_refsource_REDHAT

RHSA-2019:2741

vendor-advisory

x_refsource_REDHAT

RHSA-2019:3076

vendor-advisory

x_refsource_REDHAT

RHSA-2019:3055

vendor-advisory

x_refsource_REDHAT

RHSA-2019:3089

vendor-advisory

x_refsource_REDHAT

http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html

x_refsource_MISC

RHSA-2020:0174

vendor-advisory

x_refsource_REDHAT

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2019-3846

Description

Affected Products

Weaknesses (CWE)

CVSS v3.0 Details

References