Wind River Support Network

HomeDefectsLIN9-8578
Fixed

LIN9-8578 : Security Advisory - linux - CVE-2019-12455

Created: May 30, 2019    Updated: Oct 31, 2019
Resolved Date: Oct 8, 2019
Found In Version: 9.0.0.1
Fix Version: 9.0.0.24
Severity: Standard
Applicable for: Wind River Linux 9
Component/s: Kernel

Description

An issue was discovered in sunxi_divs_clk_setup in drivers/clk/sunxi/clk-sunxi.c in the Linux kernel through 5.1.5. There is an unchecked kstrndup of derived_name, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash).

CREATE(Triage): {Link=https://nvd.nist.gov/vuln/detail/CVE-2019-12455 User=admin}

CVEs


Live chat
Online