ASA-2019-00573 – Linux kernel: Potential buffer overflow on P2P code in rtlwifi

Allele Security Alert



ASA-2019-00573, CVE-2019-17666


Potential buffer overflow on P2P code in rtlwifi


Linux foundation


Linux kernel

Affected version(s)

Linux kernel 5.3.x versions before 5.3.9
Linux kernel 4.9.x versions before 4.9.199
Linux kernel 4.4.x versions before 4.4.199
Linux kernel 4.19.x versions before 4.19.82
Linux kernel 4.14.x versions before 4.14.152

Fixed version(s)

Linux kernel version 5.3.9
Linux kernel version 4.9.199
Linux kernel version 4.4.199
Linux kernel version 4.19.82
Linux kernel version 4.14.152

Proof of concept



The function rtl_p2p_noa_ie() in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel lacks a certain upper-bound check, leading to a buffer overflow.

Technical details

Even though noa_len is checked for a compatible length, it’s still possible to overrun the buffers of p2pinfo since there’s no check on the upper bound of noa_num.


Nicolas Waisman (Semmle Security Research)


[PATCH] rtlwifi: Fix potential overflow on P2P code

rtlwifi: Fix potential overflow on P2P code

Linux 5.3.9

Linux 4.9.199

Linux 4.4.199

Linux 4.19.82

Linux 4.14.152

October 2019 Linux Kernel Vulnerabilities in NetApp Products

CVE-2019-17666 - Red Hat Customer Portal

CVE-2019-17666 in Ubuntu

CVE-2019-17666 | SUSE




If there is any error in this alert or you wish a comprehensive analysis, let us know.

Last modified: November 11, 2019

We are not responsible for any data loss, device corruption or any other type of issue due to the use of any information mentioned in our security alerts.