Attacker Value
Unknown
CVE-2019-5108
Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)CVE-2019-5108
(Last updated October 06, 2023) ▾
MITRE ATT&CK
Log in to add MITRE ATT&CK tag
Add MITRE ATT&CK tactics and techniques that apply to this CVE.
Description
An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this vulnerability by triggering AP to send IAPP location updates for stations before the required authentication process has completed. This could lead to different denial-of-service scenarios, either by causing CAM table attacks, or by leading to traffic flapping if faking already existing clients in other nearby APs of the same wireless infrastructure. An attacker can forge Authentication and Association Request packets to trigger this vulnerability.
Add Assessment
No one has assessed this topic. Be the first to add your voice to the community.
CVSS V3 Severity and Metrics
Data provided by the National Vulnerability Database (NVD)
Base Score:
6.5 Medium
Impact Score:
3.6
Exploitability Score:
2.8
Attack Vector (AV):
Adjacent_network
Attack Complexity (AC):
Low
Privileges Required (PR):
None
User Interaction (UI):
None
Scope (S):
Unchanged
Confidentiality (C):
None
Integrity (I):
None
Availability (A):
High
General Information
Vendors
- canonical,
- debian,
- linux,
- netapp,
- oracle
Products
- 8300 firmware -,
- 8700 firmware -,
- a400 firmware -,
- a700s firmware -,
- active iq unified manager -,
- cloud backup -,
- data availability services -,
- debian linux 8.0,
- debian linux 9.0,
- e-series santricity os controller,
- h610s firmware -,
- hci management node -,
- linux kernel,
- sd-wan edge 8.2,
- solidfire -,
- steelstore cloud integrated storage -,
- ubuntu linux 14.04,
- ubuntu linux 16.04,
- ubuntu linux 18.04
References
Advisory
