RHSA-2020:3389
Vulnerability from csaf_redhat - Published: 2020-08-11 07:17 - Updated: 2025-11-21 18:16Summary
Red Hat Security Advisory: kernel-rt security and bug fix update
Severity
Important
Notes
Topic: An update for kernel-rt is now available for Red Hat Enterprise MRG 2.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* kernel: buffer overflow in mwifiex_cmd_append_vsie_tlv function in drivers/net/wireless/marvell/mwifiex/scan.c (CVE-2020-12653)
* kernel: heap-based buffer overflow in mwifiex_ret_wmm_get_status function in drivers/net/wireless/marvell/mwifiex/wmm.c (CVE-2020-12654)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* update the MRG 2.5.z 3.10 realtime-kernel sources (BZ#1858091)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the way the mwifiex_cmd_append_vsie_tlv() in Linux kernel's Marvell WiFi-Ex driver handled vendor specific information elements. A local user could use this flaw to escalate their privileges on the system.
7.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2020:3389
Workaround
In order to mitigate this issue it is possible to prevent the affected code from being loaded by blacklisting the kernel module mwifiex. For instructions relating to how to blacklist a kernel module refer to: https://access.redhat.com/solutions/41278
A flaw was found in the Linux kernel. The Marvell mwifiex driver allows a remote WiFi access point to trigger a heap-based memory buffer overflow due to an incorrect memcpy operation. The highest threat from this vulnerability is to data integrity and system availability.
7.1 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2020:3389
Workaround
In order to mitigate this issue, it is possible to prevent the affected code from being loaded by blacklisting the kernel module mwifiex. For instructions relating to how to blacklist a kernel module, refer to: https://access.redhat.com/solutions/41278
References
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for kernel-rt is now available for Red Hat Enterprise MRG 2.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: buffer overflow in mwifiex_cmd_append_vsie_tlv function in drivers/net/wireless/marvell/mwifiex/scan.c (CVE-2020-12653)\n\n* kernel: heap-based buffer overflow in mwifiex_ret_wmm_get_status function in drivers/net/wireless/marvell/mwifiex/wmm.c (CVE-2020-12654)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* update the MRG 2.5.z 3.10 realtime-kernel sources (BZ#1858091)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:3389",
"url": "https://access.redhat.com/errata/RHSA-2020:3389"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1831868",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1831868"
},
{
"category": "external",
"summary": "1832530",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1832530"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_3389.json"
}
],
"title": "Red Hat Security Advisory: kernel-rt security and bug fix update",
"tracking": {
"current_release_date": "2025-11-21T18:16:09+00:00",
"generator": {
"date": "2025-11-21T18:16:09+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2020:3389",
"initial_release_date": "2020-08-11T07:17:19+00:00",
"revision_history": [
{
"date": "2020-08-11T07:17:19+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-08-11T07:17:19+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:16:09+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat MRG Realtime for RHEL 6 Server v.2",
"product": {
"name": "Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_mrg:2:server:el6"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise MRG for RHEL-6"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"product": {
"name": "kernel-rt-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"product_id": "kernel-rt-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@3.10.0-693.72.1.rt56.672.el6rt?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"product": {
"name": "kernel-rt-debug-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"product_id": "kernel-rt-debug-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug@3.10.0-693.72.1.rt56.672.el6rt?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"product": {
"name": "kernel-rt-debug-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"product_id": "kernel-rt-debug-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-devel@3.10.0-693.72.1.rt56.672.el6rt?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"product": {
"name": "kernel-rt-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"product_id": "kernel-rt-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-devel@3.10.0-693.72.1.rt56.672.el6rt?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-trace-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"product": {
"name": "kernel-rt-trace-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"product_id": "kernel-rt-trace-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace@3.10.0-693.72.1.rt56.672.el6rt?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-trace-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"product": {
"name": "kernel-rt-trace-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"product_id": "kernel-rt-trace-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace-devel@3.10.0-693.72.1.rt56.672.el6rt?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-vanilla-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"product": {
"name": "kernel-rt-vanilla-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"product_id": "kernel-rt-vanilla-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-vanilla@3.10.0-693.72.1.rt56.672.el6rt?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-vanilla-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"product": {
"name": "kernel-rt-vanilla-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"product_id": "kernel-rt-vanilla-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-vanilla-devel@3.10.0-693.72.1.rt56.672.el6rt?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"product": {
"name": "kernel-rt-debug-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"product_id": "kernel-rt-debug-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@3.10.0-693.72.1.rt56.672.el6rt?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"product": {
"name": "kernel-rt-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"product_id": "kernel-rt-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo@3.10.0-693.72.1.rt56.672.el6rt?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"product": {
"name": "kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"product_id": "kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@3.10.0-693.72.1.rt56.672.el6rt?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-trace-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"product": {
"name": "kernel-rt-trace-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"product_id": "kernel-rt-trace-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace-debuginfo@3.10.0-693.72.1.rt56.672.el6rt?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-vanilla-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"product": {
"name": "kernel-rt-vanilla-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"product_id": "kernel-rt-vanilla-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-vanilla-debuginfo@3.10.0-693.72.1.rt56.672.el6rt?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-1:3.10.0-693.72.1.rt56.672.el6rt.src",
"product": {
"name": "kernel-rt-1:3.10.0-693.72.1.rt56.672.el6rt.src",
"product_id": "kernel-rt-1:3.10.0-693.72.1.rt56.672.el6rt.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@3.10.0-693.72.1.rt56.672.el6rt?arch=src\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-doc-1:3.10.0-693.72.1.rt56.672.el6rt.noarch",
"product": {
"name": "kernel-rt-doc-1:3.10.0-693.72.1.rt56.672.el6rt.noarch",
"product_id": "kernel-rt-doc-1:3.10.0-693.72.1.rt56.672.el6rt.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-doc@3.10.0-693.72.1.rt56.672.el6rt?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-firmware-1:3.10.0-693.72.1.rt56.672.el6rt.noarch",
"product": {
"name": "kernel-rt-firmware-1:3.10.0-693.72.1.rt56.672.el6rt.noarch",
"product_id": "kernel-rt-firmware-1:3.10.0-693.72.1.rt56.672.el6rt.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-firmware@3.10.0-693.72.1.rt56.672.el6rt?arch=noarch\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-1:3.10.0-693.72.1.rt56.672.el6rt.src as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.72.1.rt56.672.el6rt.src"
},
"product_reference": "kernel-rt-1:3.10.0-693.72.1.rt56.672.el6rt.src",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64"
},
"product_reference": "kernel-rt-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64"
},
"product_reference": "kernel-rt-debug-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64"
},
"product_reference": "kernel-rt-debug-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64"
},
"product_reference": "kernel-rt-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64"
},
"product_reference": "kernel-rt-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-doc-1:3.10.0-693.72.1.rt56.672.el6rt.noarch as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-693.72.1.rt56.672.el6rt.noarch"
},
"product_reference": "kernel-rt-doc-1:3.10.0-693.72.1.rt56.672.el6rt.noarch",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-firmware-1:3.10.0-693.72.1.rt56.672.el6rt.noarch as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-693.72.1.rt56.672.el6rt.noarch"
},
"product_reference": "kernel-rt-firmware-1:3.10.0-693.72.1.rt56.672.el6rt.noarch",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64"
},
"product_reference": "kernel-rt-trace-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64"
},
"product_reference": "kernel-rt-trace-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64"
},
"product_reference": "kernel-rt-trace-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-vanilla-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64"
},
"product_reference": "kernel-rt-vanilla-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-vanilla-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64"
},
"product_reference": "kernel-rt-vanilla-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-vanilla-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64"
},
"product_reference": "kernel-rt-vanilla-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-12653",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2020-05-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1831868"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way the mwifiex_cmd_append_vsie_tlv() in Linux kernel\u0027s Marvell WiFi-Ex driver handled vendor specific information elements. A local user could use this flaw to escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: buffer overflow in mwifiex_cmd_append_vsie_tlv function in drivers/net/wireless/marvell/mwifiex/scan.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.72.1.rt56.672.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-693.72.1.rt56.672.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-693.72.1.rt56.672.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-12653"
},
{
"category": "external",
"summary": "RHBZ#1831868",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1831868"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-12653",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12653"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-12653",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-12653"
}
],
"release_date": "2020-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-11T07:17:19+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.72.1.rt56.672.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-693.72.1.rt56.672.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-693.72.1.rt56.672.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3389"
},
{
"category": "workaround",
"details": "In order to mitigate this issue it is possible to prevent the affected code from being loaded by blacklisting the kernel module mwifiex. For instructions relating to how to blacklist a kernel module refer to: https://access.redhat.com/solutions/41278",
"product_ids": [
"6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.72.1.rt56.672.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-693.72.1.rt56.672.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-693.72.1.rt56.672.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.72.1.rt56.672.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-693.72.1.rt56.672.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-693.72.1.rt56.672.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: buffer overflow in mwifiex_cmd_append_vsie_tlv function in drivers/net/wireless/marvell/mwifiex/scan.c"
},
{
"cve": "CVE-2020-12654",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2020-05-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1832530"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel. The Marvell mwifiex driver allows a remote WiFi access point to trigger a heap-based memory buffer overflow due to an incorrect memcpy operation. The highest threat from this vulnerability is to data integrity and system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: heap-based buffer overflow in mwifiex_ret_wmm_get_status function in drivers/net/wireless/marvell/mwifiex/wmm.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.72.1.rt56.672.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-693.72.1.rt56.672.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-693.72.1.rt56.672.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-12654"
},
{
"category": "external",
"summary": "RHBZ#1832530",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1832530"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-12654",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12654"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-12654",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-12654"
}
],
"release_date": "2020-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-11T07:17:19+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.72.1.rt56.672.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-693.72.1.rt56.672.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-693.72.1.rt56.672.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3389"
},
{
"category": "workaround",
"details": "In order to mitigate this issue, it is possible to prevent the affected code from being loaded by blacklisting the kernel module mwifiex. For instructions relating to how to blacklist a kernel module, refer to: https://access.redhat.com/solutions/41278",
"product_ids": [
"6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.72.1.rt56.672.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-693.72.1.rt56.672.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-693.72.1.rt56.672.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.72.1.rt56.672.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-693.72.1.rt56.672.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-693.72.1.rt56.672.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-693.72.1.rt56.672.el6rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: heap-based buffer overflow in mwifiex_ret_wmm_get_status function in drivers/net/wireless/marvell/mwifiex/wmm.c"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…