retired/CVE-2019-18808


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16

Description: crypto: ccp - Release all allocated memory if sha type is invalid
References:
 https://github.com/torvalds/linux/commit/128c66429247add5128c03dc1e144ca56f05a4e2
Notes:
 carnil> Fix not yet in Linus' tree.
 bwh> The SHA type is already validated at the top of the function, so this
 bwh> is "fixing" an unreachable error path.
Bugs:
upstream: released (5.5-rc1) [128c66429247add5128c03dc1e144ca56f05a4e2]
4.19-upstream-stable: released (4.19.137) [167edeeb034f65f57790ff70b1af84a501274d15]
4.9-upstream-stable: released (4.9.233) [65d77c8771d2246fafb8e57dd260c8fa7224a576]
3.16-upstream-stable: N/A "Not a valid issue"
sid: released (5.5.13-1)
4.19-buster-security: N/A "Not a valid issue"
4.9-stretch-security: N/A "Not a valid issue"
3.16-jessie-security: N/A "Not a valid issue"