ACK: [X][E][SRU][PATCH 0/1] Fix for CVE-2020-11608
Khaled Elmously
khalid.elmously at canonical.com
Wed Apr 22 23:37:05 UTC 2020
On 2020-04-16 16:50:18 , Po-Hsu Lin wrote:
> From our CVE page:
> https://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-11608.html
>
> "An issue was discovered in the Linux kernel before 5.6.1.
> drivers/media/usb/gspca/ov519.c allows NULL pointer dereferences in
> ov511_mode_init_regs and ov518_mode_init_regs when there are zero
> endpoints, aka CID-998912346c0d."
>
> This is affecting Ubuntu Xenial and Eoan kernel, this patch can be
> cherry-picked for them.
>
> Kernel test build OK (amd64).
>
> Johan Hovold (1):
> media: ov519: add missing endpoint sanity checks
>
> drivers/media/usb/gspca/ov519.c | 10 ++++++++++
> 1 file changed, 10 insertions(+)
>
Acked-by: Khalid Elmously <khalid.elmously at canonical.com>
More information about the kernel-team
mailing list