[PATCH 0/1][SRU][E/D/B/X] CVE-2019-12614: POWER DoS

Tyler Hicks tyhicks at canonical.com
Mon Jul 15 19:53:38 UTC 2019

An issue was discovered in dlpar_parse_cc_property in
arch/powerpc/platforms/pseries/dlpar.c in the Linux kernel through
5.1.6. There is an unchecked kstrdup of prop->name, which might allow an
attacker to cause a denial of service (NULL pointer dereference and
system crash).


IMO, this issue has a questionable security impact but the fix is simple
so we should apply it.

I've compile tested this change on all four releases. The fix is
straightforward and it is a clean cherry-pick to all releases.


Gen Zhang (1):
  powerpc/pseries/dlpar: Fix a missing check in

 arch/powerpc/platforms/pseries/dlpar.c | 4 ++++
 1 file changed, 4 insertions(+)


More information about the kernel-team mailing list