Update data (!27) · Merge requests · cip-project / cip-kernel / cip-kernel-sec

The source project of this merge request has been removed.

Chen-Yu Tsai requested to merge (removed):master into master Jan 07, 2020

This likely overlaps with @szlin's MR !26 (closed).

Adding this one to hold information I already gathered.

New CVEs:

CVE-2019-5108

mac80211 layer 2 update frame sent out before authorization. Fixed in mainline.
CVE-2019-19241

Possible incorrect permissions when executing io_uring actions. Fixed in mainline and 5.4.y. Doesn't apply to LTS branches since io_uring is relatively new.
CVE-2019-19807

use-after-free in sound/core/timer.c. Fixed in all branches.
CVE-2019-19813
CVE-2019-19814
CVE-2019-19815
CVE-2019-19816
CVE-2019-19927

Crafted FS image related issues found by fuzzing.
CVE-2019-19922

Incorrect CFS throttling. Fixed in mainline, 5.4.y, 4.19.y, and 4.14.y.
CVE-2019-19947

Info-leaks from CAN_KVASER_USB. Fixed in mainline, 5.4.y and 4.19.y.
CVE-2019-19965

Possible NULL pointer derefernece in libsas sas port discovery. Fixed in mainline.
CVE-2019-19966

Use-after-free in VIDEO_CPIA2. Fixed in all branches.
CVE-2019-20054

NULL pointer dereference in drop_sysctl_table(). Fixed in all branches.
CVE-2019-20095

Memory leak and DoS in net/wireless/marvell/mwifiex. Fixed in all branches except 4.4.y. Maybe it doesn't apply?
CVE-2019-20096

Memory leak in dccp. Fixed in mainline and 3.16.y.

Edited Jan 12, 2020 by Chen-Yu Tsai

Update data