ACK: [PATCH 0/1][SRU][D] CVE-2019-1481{4, 5, 6}: mwifiex heap overflows
Kamal Mostafa
kamal at canonical.com
Mon Sep 30 15:31:29 UTC 2019
Clean mainline cherry pick. LGTM.
Acked-by: Kamal Mostafa <kamal at canonical.com>
-Kamal
On Fri, Sep 27, 2019 at 08:51:36PM +0000, Tyler Hicks wrote:
> https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-14814.html
> https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-14815.html
> https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-14816.html
>
> There are heap-based buffer overflows in Linux kernel, all versions up
> to, excluding 5.3, in the marvell wifi chip driver in Linux kernel,
> that allows local users to cause a denial of service(system crash) or
> possibly execute arbitrary code.
>
> Clean cherry pick. Clean build logs.
>
> Tyler
>
> Wen Huang (1):
> mwifiex: Fix three heap overflow at parsing element in
> cfg80211_ap_settings
>
> drivers/net/wireless/marvell/mwifiex/ie.c | 3 +++
> drivers/net/wireless/marvell/mwifiex/uap_cmd.c | 9 ++++++++-
> 2 files changed, 11 insertions(+), 1 deletion(-)
>
> --
> 2.17.1
>
>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
More information about the kernel-team
mailing list