CVE-2019-17666

Published: Oct 17, 2019Modified: Jun 17, 2026

8.8

Vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow.

Affected (13)

Products: Linux: Linux Kernel · Debian: Debian Linux · Canonical: Ubuntu Linux

1 product

1 product

1 product

Configuration A

7 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	Before 3.16.77
Linux Linux Kernel	From 3.17 to 4.4.199
Linux Linux Kernel	From 4.10 to 4.14.152
Linux Linux Kernel	From 4.15 to 4.19.82
Linux Linux Kernel	From 4.20 to 5.2
Linux Linux Kernel	From 4.5 to 4.9.199
Linux Linux Kernel	From 5.3 to 5.3.9

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 8.0

Configuration C

5 vulnerable

Vulnerable Software	Affected Versions
Canonical Ubuntu Linux	Version 14.04
Canonical Ubuntu Linux	Version 16.04
Canonical Ubuntu Linux	Version 18.04
Canonical Ubuntu Linux	Version 19.04
Canonical Ubuntu Linux	Version 19.10

Related CWEs

CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

References (38)

http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00064.html

Source: cve@mitre.org

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00010.html

Source: cve@mitre.org

Mailing ListThird Party Advisory

https://access.redhat.com/errata/RHSA-2020:0328

Source: cve@mitre.org

Third Party Advisory

https://access.redhat.com/errata/RHSA-2020:0339

Source: cve@mitre.org

Third Party Advisory

https://access.redhat.com/errata/RHSA-2020:0543

Source: cve@mitre.org

Third Party Advisory

https://access.redhat.com/errata/RHSA-2020:0661

Source: cve@mitre.org

Third Party Advisory

https://access.redhat.com/errata/RHSA-2020:0740

Source: cve@mitre.org

Third Party Advisory

https://arstechnica.com/information-technology/2019/10/unpatched-linux-flaw-may-let-attackers-crash-or-compromise-nearby-devices/

Source: cve@mitre.org

Third Party Advisory

https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html

Source: cve@mitre.org

Third Party Advisory

https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html

Source: cve@mitre.org

Third Party Advisory

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TRBP4O6D2SQ2NHCRHTJONGCZLWOIV5MN/

Source: cve@mitre.org

https://lkml.org/lkml/2019/10/16/1226

Source: cve@mitre.org

Mailing ListPatchThird Party Advisory

https://security.netapp.com/advisory/ntap-20191031-0005/

Source: cve@mitre.org

Third Party Advisory

https://twitter.com/nicowaisman/status/1184864519316758535

Source: cve@mitre.org

Third Party Advisory

https://usn.ubuntu.com/4183-1/

Source: cve@mitre.org

Third Party Advisory

https://usn.ubuntu.com/4184-1/

Source: cve@mitre.org

Third Party Advisory

https://usn.ubuntu.com/4185-1/

Source: cve@mitre.org

Third Party Advisory

https://usn.ubuntu.com/4186-1/

Source: cve@mitre.org

Third Party Advisory

https://usn.ubuntu.com/4186-2/

Source: cve@mitre.org

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00064.html