Bug 1746732 (CVE-2019-15505) - CVE-2019-15505 kernel: out of bounds read in drivers/media/usb/dvb-usb/technisat-usb2.c
Summary: CVE-2019-15505 kernel: out of bounds read in drivers/media/usb/dvb-usb/techni...
Keywords:
Status: NEW
Alias: CVE-2019-15505
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1746734
Blocks: 1746735
TreeView+ depends on / blocked
 
Reported: 2019-08-29 07:38 UTC by Dhananjay Arunesh
Modified: 2019-09-04 16:01 UTC (History)
40 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:


Attachments (Terms of Use)

Description Dhananjay Arunesh 2019-08-29 07:38:14 UTC
A vulnerability was found in drivers/media/usb/dvb-usb/technisat-usb2.c in the Linux kernel has an out-of-bounds read via crafted USB device traffic (which may be remote via usbip or usbredir).

Reference:
https://lore.kernel.org/linux-media/20190821104408.w7krumcglxo6fz5q@gofer.mess.org/
https://git.linuxtv.org/media_tree.git/commit/?id=0c4df39e504bf925ab666132ac3c98d6cbbe380b
https://lore.kernel.org/lkml/b9b256cb-95f2-5fa1-9956-5a602a017c11@gmail.com/

Comment 1 Dhananjay Arunesh 2019-08-29 07:39:41 UTC
Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 1746734]


Note You need to log in before you can comment on or make changes to this bug.