[B][SRU][PATCH 0/1] Fix for CVE-2019-11810

Po-Hsu Lin po-hsu.lin at canonical.com
Fri Jul 26 08:58:36 UTC 2019

An issue was discovered in the Linux kernel before 5.0.7. A NULL pointer
dereference can occur when megasas_create_frame_pool() fails in
megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This
causes a Denial of Service, related to a use-after-free.

This patch can be cherry-picked into the affected Bionic kernel.


Jason Yan (1):
  scsi: megaraid_sas: return error when create DMA pool failed

 drivers/scsi/megaraid/megaraid_sas_base.c | 1 +
 1 file changed, 1 insertion(+)


More information about the kernel-team mailing list