ACK: [PATCH 0/1][SRU][X/B/D/E] CVE-2019-17666: rtlwifi buffer overflow
Andrea Righi
andrea.righi at canonical.com
Fri Oct 18 07:20:09 UTC 2019
On Fri, Oct 18, 2019 at 07:13:02AM +0000, Tyler Hicks wrote:
> https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-17666.html
>
> rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the
> Linux kernel through 5.3.6 lacks a certain upper-bound check, leading
> to a buffer overflow.
>
> I've followed the suggestion from the rtlwifi maintainer here:
>
> https://lore.kernel.org/lkml/5B2DA6FDDF928F4E855344EE0A5C39D1D5C84368@RTITMBSVM04.realtek.com.tw/
>
> A fix is not yet available upstream, which is why this is labeled a
> SAUCE patch.
>
> Clean cherry pick to all releases. Build tested with clean build logs.
>
> Tyler
>
> Tyler Hicks (1):
> UBUNTU: SAUCE: rtlwifi: Fix potential overflow on P2P code
>
> drivers/net/wireless/realtek/rtlwifi/ps.c | 6 ++++--
> 1 file changed, 4 insertions(+), 2 deletions(-)
Looks like a safe change to me.
Acked-by: Andrea Righi <andrea.righi at canonical.com>
More information about the kernel-team
mailing list