[X/B/D/E][SRU][PATCH 0/4] Fixes for CVE-2019-15117 & CVE-2019-15118
Connor Kuehl
connor.kuehl at canonical.com
Fri Aug 30 00:13:47 UTC 2019
CVE-2019-15117:
https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-15117.html
"parse_audio_mixer_unit in sound/usb/mixer.c in the Linux kernel through
5.2.9 mishandles a short descriptor, leading to out-of-bounds memory
access."
Clean cherry-pick for Disco and Eoan.
Xenial/Bionic required backporting, but those notes are in the patch
provenance.
CVE-2019-15118:
https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-15118.html
"check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9
mishandles recursion, leading to kernel stack exhaustion."
Clean cherry-pick for Disco and Eoan.
Xenial/Bionic required backporting, but those notes are in the patch
provenance.
--
2.17.1
More information about the kernel-team
mailing list