[Xenial][SRU][CVE-2019-0136][PATCH 0/1] Fix for CVE-2019-0136
Connor Kuehl
connor.kuehl at canonical.com
Tue Aug 20 15:19:55 UTC 2019
https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-0136.html
>From the link above:
"Insufficient access control in the Intel(R) PROSet/Wireless WiFi Software
driver before version 21.10 may allow an unauthenticated user to
potentially enable denial of service via adjacent access."
The CVE analysis above shows that Xenial and Disco both require these patches.
I have only sent the 2nd patch (and only for Xenial) because:
In Xenial, the first patch "mac80211: drop robust management frames from unknown TA"
was included in this PR (and it is fix released) that syncs with upstream stable:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1836668
In Disco, both patches are included in a pending upstream stable sync PR:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1840373
Minor backport required due to context adjustments.
Yu Wang (1):
mac80211: handle deauthentication/disassociation from TDLS peer
net/mac80211/ieee80211_i.h | 3 +++
net/mac80211/mlme.c | 12 +++++++++++-
net/mac80211/tdls.c | 23 +++++++++++++++++++++++
3 files changed, 37 insertions(+), 1 deletion(-)
--
2.20.1
More information about the kernel-team
mailing list