APPLIED: [Xenial][SRU][CVE-2019-0136][PATCH 0/1] Fix for CVE-2019-0136

Kleber Souza kleber.souza at canonical.com
Tue Sep 3 16:21:49 UTC 2019


On 8/20/19 5:19 PM, Connor Kuehl wrote:
> https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-0136.html
> 
> From the link above:
> 
> "Insufficient access control in the Intel(R) PROSet/Wireless WiFi Software
> driver before version 21.10 may allow an unauthenticated user to
> potentially enable denial of service via adjacent access."
> 
> The CVE analysis above shows that Xenial and Disco both require these patches.
> I have only sent the 2nd patch (and only for Xenial) because:
> 
> In Xenial, the first patch "mac80211: drop robust management frames from unknown TA"
> was included in this PR (and it is fix released) that syncs with upstream stable:
> https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1836668
> 
> In Disco, both patches are included in a pending upstream stable sync PR:
> https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1840373
> 
> Minor backport required due to context adjustments.
> 
> Yu Wang (1):
>   mac80211: handle deauthentication/disassociation from TDLS peer
> 
>  net/mac80211/ieee80211_i.h |  3 +++
>  net/mac80211/mlme.c        | 12 +++++++++++-
>  net/mac80211/tdls.c        | 23 +++++++++++++++++++++++
>  3 files changed, 37 insertions(+), 1 deletion(-)
> 

Applied to xenial/master-next branch.

Thanks,
Kleber


