CVE-2019-14283

Impact:
Moderate
Public Date:
2019-07-26
CWE:
(CWE-190|CWE-125)
Bugzilla:
1734243: CVE-2019-14283 kernel: integer overflow and OOB read in drivers/block/floppy.c
A vulnerability was found in the Linux kernel’s floppy disk driver implementation. A local attacker with access to the floppy device could call set_geometry in drivers/block/floppy.c, which does not validate the sect and head fields, causing an integer overflow and out-of-bounds read. This flaw may crash the system or allow an attacker to gather information causing subsequent successful attacks.

Find out more about CVE-2019-14283 from the MITRE CVE dictionary dictionary and NIST NVD.

CVSS v3 metrics

NOTE: The following CVSS v3 metrics and score provided are preliminary and subject to review.

CVSS3 Base Score 5.6
CVSS3 Base Metrics CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction Required
Scope Unchanged
Confidentiality Low
Integrity Impact None
Availability Impact High

Affected Packages State

Platform Package State
Red Hat Enterprise MRG 2 kernel-rt Out of support scope
Red Hat Enterprise Linux 8 kernel Will not fix
Red Hat Enterprise Linux 8 kernel-rt Will not fix
Red Hat Enterprise Linux 7 kernel-alt Affected
Red Hat Enterprise Linux 7 kernel Affected
Red Hat Enterprise Linux 7 kernel-rt Affected
Red Hat Enterprise Linux 6 kernel Affected
Red Hat Enterprise Linux 5 kernel Out of support scope
Unless explicitly stated as not affected, all previous versions of packages in any minor update stream of a product listed here should be assumed vulnerable, although may not have been subject to full analysis.

Mitigation

The kernel module named 'floppy' contains the affected code, this can be blacklisted using the standard blacklisting techniques or disabled in the systems BIOS. See https://access.redhat.com/solutions/41278 for how to blacklist a kernel module.

Virtualized guest systems can also remove the system from the guests configuration to ensure that the module does not load.

External References

Last Modified