Opened 5 years ago

Closed 5 years ago

#4517 closed task (fixed)

linux-5.2.11

Reported by: Douglas R. Reno Owned by: lfs-book
Priority: normal Milestone: 9.1
Component: Book Version: SVN
Severity: normal Keywords:
Cc:

Description

New point version

Change History (4)

comment:1 by Douglas R. Reno, 5 years ago

Heads up, this fixes vulnerabilities in the USB subsystem:

https://seclists.org/oss-sec/2019/q3/146 

### CVEs

* https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15290

An issue was discovered in the Linux kernel through 5.2.9. There is a
NULL pointer dereference caused by a malicious USB device in the
ath6kl_usb_alloc_urb_from_pipe function in the
drivers/net/wireless/ath/ath6kl/usb.c driver.

* https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15291

An issue was discovered in the Linux kernel through 5.2.9. There is a
NULL pointer dereference caused by a malicious USB device in the
flexcop_usb_probe function in the drivers/media/usb/b2c2/flexcop-usb.c
driver.

comment:2 by ken@…, 5 years ago

I think you might be misreading this : to me "through 5.2.9" suggests not yet fix. In fact, this time I did get the oss-security mail (my ISP has a habit of dropping them). In the second paragraph it say:

As an experiment this time I've requested CVEs for 2 bugs (CVE-2019-15290, CVE-2019-15291) that haven't yet been fixed (fixes for the other 13 bugs are in the upstream kernel). Both have been reported by syzbot over 4 months ago. I've made sure that these 2 bugs are reproducible with a crafted USB device and crash a Linux laptop (or rather crash the USB worker thread) with one of the distro kernels.

comment:3 by Bruce Dubbs, 5 years ago

Summary: linux-5.2.9linux-5.2.11

Now at version 5.2.11.

comment:4 by Bruce Dubbs, 5 years ago

Resolution: fixed
Status: newclosed

Fixed at revision 11665.

Note: See TracTickets for help on using tickets.