CVE-2019-15126

Description

An issue was discovered on Broadcom Wi-Fi client devices. Specifically timed and handcrafted traffic can cause internal errors (related to state transitions) in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic, a different vulnerability than CVE-2019-9500, CVE-2019-9501, CVE-2019-9502, and CVE-2019-9503.

Risk Information

Base Score: 3.1 (MODERATE)
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
EPSS Score (Exploitation Probability): 8.564

Associated Vulnerability

| Vulnerability | OS Platform |
| --- | --- |
| Multiple vulnerabilities are fixed in MacOS Catalina 10.15.2 | Mac |
| Multiple vulnerabilities are fixed in MacOS Catalina 10.15.2 Combo Update | Mac |
| Multiple vulnerabilities are fixed in MacOS Catalina 10.15.1 | Mac |
| SUSE-SU-2021:4200-1 (SUSE Linux Enterprise Server 12-SP5) kernel-firmware-20190618-5.17.1.noarch.rpm | Linux |
| SUSE-SU-2021:4200-1 (SUSE Linux Enterprise Server 12-SP5) ucode-amd-20190618-5.17.1.noarch.rpm | Linux |
| SUSE-SU-2022:0068-1 (SUSE Linux Enterprise Server 12-SP5) kernel-default-4.12.14-122.106.1.x86_64.rpm | Linux |
| SUSE-SU-2022:0068-1 (SUSE Linux Enterprise Server 12-SP5) kernel-default-base-4.12.14-122.106.1.x86_64.rpm | Linux |
| SUSE-SU-2022:0068-1 (SUSE Linux Enterprise Server 12-SP5) kernel-default-base-debuginfo-4.12.14-122.106.1.x86_64.rpm | Linux |
| SUSE-SU-2022:0068-1 (SUSE Linux Enterprise Server 12-SP5) kernel-default-debuginfo-4.12.14-122.106.1.x86_64.rpm | Linux |
| SUSE-SU-2022:0068-1 (SUSE Linux Enterprise Server 12-SP5) kernel-default-debugsource-4.12.14-122.106.1.x86_64.rpm | Linux |
| SUSE-SU-2022:0068-1 (SUSE Linux Enterprise Server 12-SP5) kernel-default-devel-4.12.14-122.106.1.x86_64.rpm | Linux |
| SUSE-SU-2022:0068-1 (SUSE Linux Enterprise Server 12-SP5) kernel-default-devel-debuginfo-4.12.14-122.106.1.x86_64.rpm | Linux |
| SUSE-SU-2022:0068-1 (SUSE Linux Enterprise Server 12-SP5) kernel-devel-4.12.14-122.106.1.noarch.rpm | Linux |
| SUSE-SU-2022:0068-1 (SUSE Linux Enterprise Server 12-SP5) kernel-macros-4.12.14-122.106.1.noarch.rpm | Linux |
| SUSE-SU-2022:0068-1 (SUSE Linux Enterprise Server 12-SP5) kernel-source-4.12.14-122.106.1.noarch.rpm | Linux |
| SUSE-SU-2022:0068-1 (SUSE Linux Enterprise Server 12-SP5) kernel-syms-4.12.14-122.106.1.x86_64.rpm | Linux |
| SUSE-SU-2022:0080-1 (SUSE Linux Enterprise Server 12-SP5) kernel-azure-4.12.14-16.85.1.x86_64.rpm | Linux |
| SUSE-SU-2022:0080-1 (SUSE Linux Enterprise Server 12-SP5) kernel-azure-base-4.12.14-16.85.1.x86_64.rpm | Linux |
| SUSE-SU-2022:0080-1 (SUSE Linux Enterprise Server 12-SP5) kernel-azure-base-debuginfo-4.12.14-16.85.1.x86_64.rpm | Linux |
| SUSE-SU-2022:0080-1 (SUSE Linux Enterprise Server 12-SP5) kernel-azure-debuginfo-4.12.14-16.85.1.x86_64.rpm | Linux |
| SUSE-SU-2022:0080-1 (SUSE Linux Enterprise Server 12-SP5) kernel-azure-debugsource-4.12.14-16.85.1.x86_64.rpm | Linux |
| SUSE-SU-2022:0080-1 (SUSE Linux Enterprise Server 12-SP5) kernel-azure-devel-4.12.14-16.85.1.x86_64.rpm | Linux |
| SUSE-SU-2022:0080-1 (SUSE Linux Enterprise Server 12-SP5) kernel-devel-azure-4.12.14-16.85.1.noarch.rpm | Linux |
| SUSE-SU-2022:0080-1 (SUSE Linux Enterprise Server 12-SP5) kernel-source-azure-4.12.14-16.85.1.noarch.rpm | Linux |
| SUSE-SU-2022:0080-1 (SUSE Linux Enterprise Server 12-SP5) kernel-syms-azure-4.12.14-16.85.1.x86_64.rpm | Linux |
| Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability (CVE-2019-15126) | NCM |

Patch Details

Patches provided by ManageEngine for this CVE:

| Patch ID | Patch Description |
| --- | --- |
| PATCH-602673 | MacOS Catalina 10.15.7 - Auto Reboot |
| PATCH-602674 | macOS Catalina 10.15.7 Combo Update - Auto Reboot |
