ID
VAR-E-201906-0085
CVE
| cve_id: | CVE-2019-5016 | Trust: 0.3 |
TITLE
KCodes NetUSB CVE-2019-5016 Memory Corruption Vulnerability
Trust: 0.3
DESCRIPTION
KCodes NetUSB is prone to a memory-corruption vulnerability.
Attackers can exploit this issue to obtain sensitive information or crash the application resulting in a denial-of-service condition.
KCodes NetUSB.ko versions 1.0.2.66 and 1.0.2.69 are vulnerable; other versions may also be affected.
Trust: 0.3
AFFECTED PRODUCTS
| vendor: | netgear | model: | ac3200 nighthawk | scope: | eq | version: | 1.0.4.2810.1.54 | Trust: 0.3 |
| vendor: | netgear | model: | ac3000 nighthawk | scope: | eq | version: | 1.0.3.810.0.37 | Trust: 0.3 |
| vendor: | kcodes | model: | netusb.ko | scope: | eq | version: | 1.0.2.69 | Trust: 0.3 |
| vendor: | kcodes | model: | netusb.ko | scope: | eq | version: | 1.0.2.66 | Trust: 0.3 |
EXPLOIT
The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.
Trust: 0.3
PRICE
Free
Trust: 0.3
TYPE
Failure to Handle Exceptional Conditions
Trust: 0.3
CREDITS
Dave McDaniel of Cisco Talos.
Trust: 0.3
EXTERNAL IDS
| db: | TALOS | id: | TALOS-2019-0775 | Trust: 0.3 |
| db: | NVD | id: | CVE-2019-5016 | Trust: 0.3 |
| db: | BID | id: | 108820 | Trust: 0.3 |
REFERENCES
| url: | https://www.talosintelligence.com/vulnerability_reports/talos-2019-0775 | Trust: 0.3 |
| url: | https://www.kcodes.com/ | Trust: 0.3 |
| url: | http://www.netgear.com/ | Trust: 0.3 |
| url: | https://kb.netgear.com/000061024/security-advisory-for-kcodes-netusb-unauthenticated-remote-kernel-vulnerabilities-on-r7900-and-r8000-routers-psv-2019-0029 | Trust: 0.3 |
SOURCES
| db: | BID | id: | 108820 |
LAST UPDATE DATE
2022-07-27T10:02:40.302000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 108820 | date: | 2019-06-14T00:00:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 108820 | date: | 2019-06-14T00:00:00 |