APPLIED: [PATCH 0/1][SRU][B/D] CVE-2019-12984: NFC Netlink DoS
Khaled Elmously
khalid.elmously at canonical.com
Fri Jul 12 06:35:16 UTC 2019
On 2019-07-10 06:12:24 , Tyler Hicks wrote:
> A NULL pointer dereference vulnerability in the function
> nfc_genl_deactivate_target() in net/nfc/netlink.c in the Linux kernel
> before 5.1.13 can be triggered by a malicious user-mode program that omits
> certain NFC attributes, leading to denial of service.
>
> - https://people.canonical.com/~ubuntu-security/cve/?cve=CVE-2019-12984
>
> The patch is a clean cherry pick to both kernels. Build logs show no
> related compiler warnings. I am unable to test the NFC driver.
>
> Tyler
>
> Young Xiao (1):
> nfc: Ensure presence of required attributes in the deactivate_target
> handler
>
> net/nfc/netlink.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> --
> 2.7.4
>
>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
More information about the kernel-team
mailing list