CVE-2019-0136
kernel: insufficient access control in the Intel(R) PROSet/Wireless WiFi Software driver may allow an unauthenticated user to potentially enable DoS via adjacent access
Severity Score
4.7
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Insufficient access control in the Intel(R) PROSet/Wireless WiFi Software driver before version 21.10 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
Un control de acceso insuficiente en el controlador del software PROSet/Wireless WiFi de Intel® anterior a versión 21.10, puede permitir a un usuario no autenticado habilitar potencialmente la denegación de servicio por medio del acceso adyacente.
A flaw was found in the Linux kernel’s implementation of wireless drivers for the Intel PROset wireless hardware. This flaw allows an unauthorized attacker within the wireless radio range to cause the driver and the system to disconnect from the wireless network, triggering the operating system to lose network connectivity while the system is not connected. The highest threat from this vulnerability is system availability.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2018-11-13 CVE Reserved
- 2019-06-13 CVE Published
- 2024-08-04 CVE Updated
- 2024-11-03 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (15)
| URL | Tag | Source |
|---|---|---|
| http://jvn.jp/en/jp/JVN75617741/index.html | Third Party Advisory | |
| http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html | X_refsource_misc |
|
| http://www.securityfocus.com/bid/108777 | Third Party Advisory | |
| https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html | Mailing List |
|
| https://lists.debian.org/debian-lts-announce/2019/09/msg00015.html | Mailing List |
|
| https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html | Mailing List |
|
| https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html | Mailing List |
|
| https://support.lenovo.com/us/en/product_security/LEN-27828 | Third Party Advisory | |
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00232.html | X_refsource_confirm |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://usn.ubuntu.com/4115-1 | 2020-08-24 | |
| https://usn.ubuntu.com/4118-1 | 2020-08-24 | |
| https://usn.ubuntu.com/4145-1 | 2020-08-24 | |
| https://usn.ubuntu.com/4147-1 | 2020-08-24 | |
| https://access.redhat.com/security/cve/CVE-2019-0136 | 2021-11-16 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2027798 | 2021-11-16 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Intel Search vendor "Intel" | Proset\/wireless Wifi Search vendor "Intel" for product "Proset\/wireless Wifi" | < 21.10 Search vendor "Intel" for product "Proset\/wireless Wifi" and version " < 21.10" | - |
Affected
| in | Google Search vendor "Google" | Chrome Os Search vendor "Google" for product "Chrome Os" | - | - |
Safe
|
| Intel Search vendor "Intel" | Proset\/wireless Wifi Search vendor "Intel" for product "Proset\/wireless Wifi" | < 21.10 Search vendor "Intel" for product "Proset\/wireless Wifi" and version " < 21.10" | - |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | - | - |
Safe
|
| Intel Search vendor "Intel" | Proset\/wireless Wifi Search vendor "Intel" for product "Proset\/wireless Wifi" | < 21.10 Search vendor "Intel" for product "Proset\/wireless Wifi" and version " < 21.10" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows 10 Search vendor "Microsoft" for product "Windows 10" | - | - |
Safe
|
| Intel Search vendor "Intel" | Proset\/wireless Wifi Search vendor "Intel" for product "Proset\/wireless Wifi" | < 21.10 Search vendor "Intel" for product "Proset\/wireless Wifi" and version " < 21.10" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows 7 Search vendor "Microsoft" for product "Windows 7" | - | - |
Safe
|
| Intel Search vendor "Intel" | Proset\/wireless Wifi Search vendor "Intel" for product "Proset\/wireless Wifi" | < 21.10 Search vendor "Intel" for product "Proset\/wireless Wifi" and version " < 21.10" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows 8.1 Search vendor "Microsoft" for product "Windows 8.1" | - | - |
Safe
|