Details of VAR-201906-0192

ID

VAR-201906-0192

CVE

CVE-2019-5016

TITLE

KCodes NetUSB.ko Kernel modules and NETGEAR Nighthawk Information disclosure vulnerability in routers

Trust: 0.8

sources: JVNDB: JVNDB-2019-005615

DESCRIPTION

An exploitable arbitrary memory read vulnerability exists in the KCodes NetUSB.ko kernel module which enables the ReadySHARE Printer functionality of at least two NETGEAR Nighthawk Routers and potentially several other vendors/products. A specially crafted index value can cause an invalid memory read, resulting in a denial of service or remote information disclosure. An unauthenticated attacker can send a crafted packet on the local network to trigger this vulnerability. KCodes NetUSB.ko Kernel modules and NETGEAR Nighthawk The router contains an information disclosure vulnerability.Information is obtained and service operation is interrupted (DoS) There is a possibility of being put into a state. KCodes NetUSB is prone to a memory-corruption vulnerability. Attackers can exploit this issue to obtain sensitive information or crash the application resulting in a denial-of-service condition. KCodes NetUSB.ko versions 1.0.2.66 and 1.0.2.69 are vulnerable; other versions may also be affected. KCodes NetUSB.ko is a Linux kernel module that provides USB services through IP provided by Taiwan KCodes Company. KCodes NetUSB.ko versions 1.0.2.66 and 1.0.2.69 have an information disclosure vulnerability. The following products and versions are affected: NETGEAR Nighthawk AC3200 (R8000) using firmware version 1.0.4.2810.1.54 (11/7/18); NETGEAR Nighthawk AC3000 ( R7900)

Trust: 1.98

sources: NVD: CVE-2019-5016 // JVNDB: JVNDB-2019-005615 // BID: 108820 // VULHUB: VHN-156451

AFFECTED PRODUCTS

vendor:	kcodes	model:	netusb.ko	scope:	eq	version:	1.0.2.69	Trust: 1.3
vendor:	kcodes	model:	netusb.ko	scope:	eq	version:	1.0.2.66	Trust: 1.3
vendor:	netgear	model:	r8000	scope:	eq	version:	1.0.4.28_10.1.54	Trust: 1.0
vendor:	netgear	model:	r7900	scope:	eq	version:	1.0.3.810.037	Trust: 1.0
vendor:	kcodes	model:	netusb	scope:	-	version:	-	Trust: 0.8
vendor:	net gear	model:	r7900	scope:	-	version:	-	Trust: 0.8
vendor:	net gear	model:	r8000	scope:	-	version:	-	Trust: 0.8
vendor:	netgear	model:	ac3200 nighthawk	scope:	eq	version:	1.0.4.2810.1.54	Trust: 0.3
vendor:	netgear	model:	ac3000 nighthawk	scope:	eq	version:	1.0.3.810.0.37	Trust: 0.3

sources: BID: 108820 // JVNDB: JVNDB-2019-005615 // NVD: CVE-2019-5016

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-5016
value:	CRITICAL
Trust: 1.0
talos-cna@cisco.com:	CVE-2019-5016
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2019-5016
value:	CRITICAL
Trust: 0.8
CNNVD:	CNNVD-201906-637
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-156451
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2019-5016
severity:	MEDIUM
baseScore:	6.4
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-156451
severity:	MEDIUM
baseScore:	6.4
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2019-5016
baseSeverity:	CRITICAL
baseScore:	9.1
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.2
version:	3.1
Trust: 1.0
talos-cna@cisco.com:	CVE-2019-5016
baseSeverity:	CRITICAL
baseScore:	10.0
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.8
version:	3.0
Trust: 1.0
NVD:	CVE-2019-5016
baseSeverity:	CRITICAL
baseScore:	9.1
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-156451 // JVNDB: JVNDB-2019-005615 // CNNVD: CNNVD-201906-637 // NVD: CVE-2019-5016 // NVD: CVE-2019-5016

PROBLEMTYPE DATA

problemtype:

CWE-200

Trust: 1.9

sources: VULHUB: VHN-156451 // JVNDB: JVNDB-2019-005615 // NVD: CVE-2019-5016

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201906-637

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201906-637

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-005615

PATCH

title:	NetUSB (USB over IP)	url:	https://www.kcodes.com/product/1/36	Trust: 0.8
title:	Model: R7900	url:	https://www.netgear.com/home/products/networking/wifi-routers/R7900.aspx	Trust: 0.8
title:	Model: R8000	url:	https://www.netgear.com/home/products/networking/wifi-routers/R8000.aspx	Trust: 0.8
title:	KCodes NetUSB.ko Repair measures for information disclosure vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=94522	Trust: 0.6

sources: JVNDB: JVNDB-2019-005615 // CNNVD: CNNVD-201906-637

EXTERNAL IDS

db:	NVD	id:	CVE-2019-5016	Trust: 2.8
db:	TALOS	id:	TALOS-2019-0775	Trust: 2.8
db:	BID	id:	108820	Trust: 2.0
db:	JVNDB	id:	JVNDB-2019-005615	Trust: 0.8
db:	CNNVD	id:	CNNVD-201906-637	Trust: 0.7
db:	VULHUB	id:	VHN-156451	Trust: 0.1

sources: VULHUB: VHN-156451 // BID: 108820 // JVNDB: JVNDB-2019-005615 // CNNVD: CNNVD-201906-637 // NVD: CVE-2019-5016

REFERENCES

url:	https://talosintelligence.com/vulnerability_reports/talos-2019-0775	Trust: 2.5
url:	http://www.securityfocus.com/bid/108820	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2019-5016	Trust: 1.4
url:	http://www.netgear.com/	Trust: 0.9
url:	https://www.kcodes.com/	Trust: 0.9
url:	https://www.talosintelligence.com/vulnerability_reports/talos-2019-0775	Trust: 0.9
url:	https://kb.netgear.com/000061024/security-advisory-for-kcodes-netusb-unauthenticated-remote-kernel-vulnerabilities-on-r7900-and-r8000-routers-psv-2019-0029	Trust: 0.9
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-5016	Trust: 0.8

sources: VULHUB: VHN-156451 // BID: 108820 // JVNDB: JVNDB-2019-005615 // CNNVD: CNNVD-201906-637 // NVD: CVE-2019-5016

CREDITS

Dave McDaniel of Cisco Talos

Trust: 0.6

sources: CNNVD: CNNVD-201906-637

SOURCES

db:	VULHUB	id:	VHN-156451
db:	BID	id:	108820
db:	JVNDB	id:	JVNDB-2019-005615
db:	CNNVD	id:	CNNVD-201906-637
db:	NVD	id:	CVE-2019-5016

LAST UPDATE DATE

2024-11-23T22:30:01.674000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-156451	date:	2019-06-20T00:00:00
db:	BID	id:	108820	date:	2019-06-14T00:00:00
db:	JVNDB	id:	JVNDB-2019-005615	date:	2019-06-24T00:00:00
db:	CNNVD	id:	CNNVD-201906-637	date:	2019-07-09T00:00:00
db:	NVD	id:	CVE-2019-5016	date:	2024-11-21T04:44:11.577

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-156451	date:	2019-06-17T00:00:00
db:	BID	id:	108820	date:	2019-06-14T00:00:00
db:	JVNDB	id:	JVNDB-2019-005615	date:	2019-06-24T00:00:00
db:	CNNVD	id:	CNNVD-201906-637	date:	2019-06-14T00:00:00
db:	NVD	id:	CVE-2019-5016	date:	2019-06-17T21:15:09.830