CVE-2019-12454

by Fred · 29/05/2019

** DISPUTED ** An issue was discovered in wcd9335_codec_enable_dec in sound/soc/codecs/wcd9335.c in the Linux kernel through 5.1.5. It uses kstrndup instead of kmemdup_nul, which allows attackers to have an unspecified impact via unknown vectors. NOTE: The vendor disputes this issues as not being a vulnerability because switching to kmemdup_nul() would only fix a security issue if the source string wasn’t NUL-terminated, which is not the case.

Date published : 2019-05-29

https://support.f5.com/csp/article/K13523672

https://support.f5.com/csp/article/K13523672?utm_source=f5support&utm_medium=RSS

CVE-2019-12454

Similar

Recent Posts

Categories

CVE-2019-12454

Share this:

Similar

Recent Posts

Categories

Tags