Fix for CVE-2019-0136

Bug #1839105 reported by Jesse Sung
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
HWE Next
Undecided
Jesse Sung
linux (Ubuntu)
Undecided
Jesse Sung
Bionic
Undecided
Jesse Sung

Bug Description

== SRU Justification ==

* Impact:
A potential security vulnerability in Intel® PROSet/Wireless WiFi Software may allow denial of service.
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00232.html

* Fix:
588f7d39b359 mac80211: drop robust management frames from unknown TA
79c92ca42b5a mac80211: handle deauthentication/disassociation from TDLS peer

* Risk of Regression:
Low. These commits are already in 4.14.130 and 4.19.56 so will eventually land in an SRU release or two. We just need them to be included in this cycle for Bionic to meet project schedule.

Jesse Sung (wenchien)
Changed in linux (Ubuntu Bionic):
status: New → In Progress
assignee: nobody → Jesse Sung (wenchien)
tags: added: carson oem-priority originate-from-1833055
Jesse Sung (wenchien)
Changed in hwe-next:
status: New → In Progress
status: In Progress → Fix Released
assignee: nobody → Jesse Sung (wenchien)
Revision history for this message
Jesse Sung (wenchien) wrote :

We still don't have a firm answer if these two commits are the fixes, but they were merged into the next SRU release through upstream stable updates anyway. Change the status to 'Fix Released'.

Changed in linux (Ubuntu):
status: In Progress → Fix Released
Changed in linux (Ubuntu Bionic):
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers