[PATCH 0/1][SRU][B] CVE-2019-12818: NFC LLCP DoS
Tyler Hicks
tyhicks at canonical.com
Wed Jul 10 06:13:07 UTC 2019
An issue was discovered in the Linux kernel before 4.20.15. The
nfc_llcp_build_tlv function in net/nfc/llcp_commands.c may return NULL.
If the caller does not check for this, it will trigger a NULL pointer
dereference. This will cause denial of service. This affects
nfc_llcp_build_gb in net/nfc/llcp_core.c.
- https://people.canonical.com/~ubuntu-security/cve/?cve=CVE-2019-12818
The patch is a clean cherry pick. Build logs show no related compiler
warnings. I am unable to test the NFC driver.
Tyler
YueHaibing (1):
net: nfc: Fix NULL dereference on nfc_llcp_build_tlv fails
net/nfc/llcp_commands.c | 20 ++++++++++++++++++++
net/nfc/llcp_core.c | 24 ++++++++++++++++++++----
2 files changed, 40 insertions(+), 4 deletions(-)
--
2.7.4
More information about the kernel-team
mailing list