[0/1,SRU,X/B/D/E] CVE-2019-15098: Atheros ath6kl DoS

Message ID	20191003154727.14199-1-tyhicks@canonical.com
Headers	show Return-Path: <kernel-team-bounces@lists.ubuntu.com> From: Tyler Hicks <tyhicks@canonical.com> To: kernel-team@lists.ubuntu.com Subject: [PATCH 0/1][SRU][X/B/D/E] CVE-2019-15098: Atheros ath6kl DoS Date: Thu, 3 Oct 2019 15:47:26 +0000 Message-Id: <20191003154727.14199-1-tyhicks@canonical.com> Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" <kernel-team-bounces@lists.ubuntu.com>
Series	CVE-2019-15098: Atheros ath6kl DoS \| expand [0/1,SRU,X/B/D/E] CVE-2019-15098: Atheros ath6kl DoS [1/1] ath6kl: fix a NULL-ptr-deref bug in ath6kl_usb_alloc_urb_from_pipe()

Message ID

20191003154727.14199-1-tyhicks@canonical.com

Headers

From: Tyler Hicks <tyhicks@canonical.com>
To: kernel-team@lists.ubuntu.com
Subject: [PATCH 0/1][SRU][X/B/D/E] CVE-2019-15098: Atheros ath6kl DoS
Date: Thu,  3 Oct 2019 15:47:26 +0000
Message-Id: <20191003154727.14199-1-tyhicks@canonical.com>
Precedence: list
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
Errors-To: kernel-team-bounces@lists.ubuntu.com
Sender: "kernel-team" <kernel-team-bounces@lists.ubuntu.com>

Series

CVE-2019-15098: Atheros ath6kl DoS | expand

Message

Tyler Hicks Oct. 3, 2019, 3:47 p.m. UTC

https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-15098.html

 drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9
 has a NULL pointer dereference via an incomplete address in an endpoint
 descriptor.

Clean cherry pick to all releases. The build logs are clean.

Tyler

Hui Peng (1):
  ath6kl: fix a NULL-ptr-deref bug in ath6kl_usb_alloc_urb_from_pipe()

 drivers/net/wireless/ath/ath6kl/usb.c | 8 ++++++++
 1 file changed, 8 insertions(+)

Comments

Seth Forshee Oct. 3, 2019, 4:01 p.m. UTC | #1

On Thu, Oct 03, 2019 at 03:47:26PM +0000, Tyler Hicks wrote:
> https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-15098.html
> 
>  drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9
>  has a NULL pointer dereference via an incomplete address in an endpoint
>  descriptor.
> 
> Clean cherry pick to all releases. The build logs are clean.

Acked-by: Seth Forshee <seth.forshee@canonical.com>

Seth Forshee Oct. 3, 2019, 8:54 p.m. UTC | #2

On Thu, Oct 03, 2019 at 03:47:26PM +0000, Tyler Hicks wrote:
> https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-15098.html
> 
>  drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9
>  has a NULL pointer dereference via an incomplete address in an endpoint
>  descriptor.
> 
> Clean cherry pick to all releases. The build logs are clean.

Applied to eoan/master-next, thanks!

Kleber Sacilotto de Souza Oct. 16, 2019, 10:07 a.m. UTC | #3

On 03.10.19 17:47, Tyler Hicks wrote:
> https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-15098.html
> 
>  drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9
>  has a NULL pointer dereference via an incomplete address in an endpoint
>  descriptor.
> 
> Clean cherry pick to all releases. The build logs are clean.
> 
> Tyler
> 
> Hui Peng (1):
>   ath6kl: fix a NULL-ptr-deref bug in ath6kl_usb_alloc_urb_from_pipe()
> 
>  drivers/net/wireless/ath/ath6kl/usb.c | 8 ++++++++
>  1 file changed, 8 insertions(+)
> 

Applied to xenial, bionic and disco master-next branches.

Thanks,
Kleber