APPLIED: [PATCH 0/1][SRU][B] CVE-2019-12818: NFC LLCP DoS
Khaled Elmously
khalid.elmously at canonical.com
Fri Jul 12 06:35:59 UTC 2019
On 2019-07-10 06:13:07 , Tyler Hicks wrote:
> An issue was discovered in the Linux kernel before 4.20.15. The
> nfc_llcp_build_tlv function in net/nfc/llcp_commands.c may return NULL.
> If the caller does not check for this, it will trigger a NULL pointer
> dereference. This will cause denial of service. This affects
> nfc_llcp_build_gb in net/nfc/llcp_core.c.
>
> - https://people.canonical.com/~ubuntu-security/cve/?cve=CVE-2019-12818
>
> The patch is a clean cherry pick. Build logs show no related compiler
> warnings. I am unable to test the NFC driver.
>
> Tyler
>
> YueHaibing (1):
> net: nfc: Fix NULL dereference on nfc_llcp_build_tlv fails
>
> net/nfc/llcp_commands.c | 20 ++++++++++++++++++++
> net/nfc/llcp_core.c | 24 ++++++++++++++++++++----
> 2 files changed, 40 insertions(+), 4 deletions(-)
>
> --
> 2.7.4
>
>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
More information about the kernel-team
mailing list