[Bionic][PATCH 0/2] Fix for CVE-2019-0136
Tyler Hicks
tyhicks at canonical.com
Tue Aug 6 15:48:47 UTC 2019
On 2019-08-06 18:06:31, Wen-chien Jesse Sung wrote:
> BugLink: https://launchpad.net/bugs/1839105
>
> == SRU Justification ==
>
> * Impact:
> A potential security vulnerability in IntelĀ® PROSet/Wireless WiFi Software
> may allow denial of service.
> https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00232.html
>
> * Fix:
> 588f7d39b359 mac80211: drop robust management frames from unknown TA
> 79c92ca42b5a mac80211: handle deauthentication/disassociation from TDLS peer
How were you able to determine that they are the fix for CVE-2019-0136?
I can't find any public info that correlates CVE-2019-0136 with the two
fixes you mentioned. I've left this CVE as untriaged in the Ubuntu CVE
Tracker and was about to reach out to Intel to get more info.
Tyler
>
> * Risk of Regression:
> Low. These commits are already in 4.14.130 and 4.19.56 so will eventually
> land in an SRU release or two. We just need them to be included in this cycle
> for Bionic to meet project schedule.
>
>
> Johannes Berg (1):
> mac80211: drop robust management frames from unknown TA
>
> Yu Wang (1):
> mac80211: handle deauthentication/disassociation from TDLS peer
>
> net/mac80211/ieee80211_i.h | 3 +++
> net/mac80211/mlme.c | 12 +++++++++++-
> net/mac80211/rx.c | 2 ++
> net/mac80211/tdls.c | 23 +++++++++++++++++++++++
> 4 files changed, 39 insertions(+), 1 deletion(-)
>
> --
> 2.20.1
>
>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
More information about the kernel-team
mailing list