An issue was discovered in the Linux kernels implementation of NFC drivers. The nfc_llcp_build_tlv function in net/nfc/llcp_commands.c may return NULL. If the caller does not check for this, it will trigger a NULL pointer dereference. This will cause denial of service. This affects nfc_llcp_build_gb in net/nfc/llcp_core.c. References: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=58bdd544e2933a21a51eecf17c3f5f94038261b5 https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.20.15 https://github.com/torvalds/linux/commit/58bdd544e2933a21a51eecf17c3f5f94038261b5
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1721969]
This issue was fixed for Fedora in the 4.20.15 stable update.
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2019-12818