APPLIED: [PATCH 0/1][SRU][D] CVE-2019-1481{4,5,6}: mwifiex heap overflows

Khaled Elmously khalid.elmously at canonical.com
Mon Sep 30 20:24:58 UTC 2019


On 2019-09-27 20:51:36 , Tyler Hicks wrote:
> https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-14814.html
> https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-14815.html
> https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-14816.html
> 
>  There are heap-based buffer overflows in Linux kernel, all versions up
>  to, excluding 5.3, in the marvell wifi chip driver in Linux kernel,
>  that allows local users to cause a denial of service(system crash) or
>  possibly execute arbitrary code. 
> 
> Clean cherry pick. Clean build logs.
> 
> Tyler
> 
> Wen Huang (1):
>   mwifiex: Fix three heap overflow at parsing element in
>     cfg80211_ap_settings
> 
>  drivers/net/wireless/marvell/mwifiex/ie.c      | 3 +++
>  drivers/net/wireless/marvell/mwifiex/uap_cmd.c | 9 ++++++++-
>  2 files changed, 11 insertions(+), 1 deletion(-)
> 
> -- 
> 2.17.1
> 
> 
> -- 
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team



More information about the kernel-team mailing list