diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2020-02-09 21:22:45 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2020-02-09 21:22:45 +0100 |
commit | 30e923c9029fa0f9ba1976670c8ee73cbf02169e (patch) | |
tree | 87b0fd686e9a24569aaaf32fc5792062600f7517 /retired/CVE-2019-14815 | |
parent | 00d322afed3dc04e74ab0037716e96278c5b8ac6 (diff) |
Retire some CVEs
Diffstat (limited to 'retired/CVE-2019-14815')
-rw-r--r-- | retired/CVE-2019-14815 | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/retired/CVE-2019-14815 b/retired/CVE-2019-14815 new file mode 100644 index 00000000..ddeeb10f --- /dev/null +++ b/retired/CVE-2019-14815 @@ -0,0 +1,20 @@ +Description: Heap Overflow in mwifiex_set_wmm_params() function +References: + https://www.openwall.com/lists/oss-security/2019/08/28/1 + https://lore.kernel.org/linux-wireless/20190828020751.13625-1-huangwenabc@gmail.com/ +Notes: + bwh> Introduced in 4.10 by commit 113630b581d6 "mwifiex: vendor_ie length + bwh> check for parse WMM IEs". + carnil> The bounds-check in mwifiex_set_wmm_paramsare still applied as + carnil> well in older versions e.g. 4.9.194. Put the state again in + carnil> needed for 4.9-stretch-security but just to recheck if this is + carnil> really not needed to track for CVE-2019-14815. +Bugs: +upstream: released (5.3) [7caac62ed598a196d6ddf8d9c121e12e082cac3a] +4.19-upstream-stable: released (4.19.75) [941431c491a68e0428bdfb46bbe4cbc52f7bfabb] +4.9-upstream-stable: released (4.9.194) [21dfacaf201ed13af70a8bd3e66bcf18cdb63b35] +3.16-upstream-stable: N/A "Vulnerability introduced later" +sid: released (5.2.17-1) +4.19-buster-security: released (4.19.87-1) +4.9-stretch-security: released (4.9.210-1) +3.16-jessie-security: N/A "Vulnerability introduced later" |