APPLIED: [PATCH 0/1][SRU][X/B/D/E] CVE-2019-17666: rtlwifi buffer overflow
Kleber Souza
kleber.souza at canonical.com
Mon Oct 21 14:31:55 UTC 2019
On 10/18/19 9:13 AM, Tyler Hicks wrote:
> https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-17666.html
>
> rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the
> Linux kernel through 5.3.6 lacks a certain upper-bound check, leading
> to a buffer overflow.
>
> I've followed the suggestion from the rtlwifi maintainer here:
>
> https://lore.kernel.org/lkml/5B2DA6FDDF928F4E855344EE0A5C39D1D5C84368@RTITMBSVM04.realtek.com.tw/
>
> A fix is not yet available upstream, which is why this is labeled a
> SAUCE patch.
>
> Clean cherry pick to all releases. Build tested with clean build logs.
>
> Tyler
>
> Tyler Hicks (1):
> UBUNTU: SAUCE: rtlwifi: Fix potential overflow on P2P code
>
> drivers/net/wireless/realtek/rtlwifi/ps.c | 6 ++++--
> 1 file changed, 4 insertions(+), 2 deletions(-)
>
Applied to xenial, bionic, disco and eoan master-next branches.
Thanks,
Kleber
More information about the kernel-team
mailing list