On Mon, 2019-06-03 at 16:02 -0700, Zubin Mithra wrote:
> Hello,
>
> CVE-2019-12381 was fixed in the upstream linux kernel with the commit :-
> * 425aa0e1d015 ("ip_sockglue: Fix missing-check bug in ip_ra_control()")
>
> Could the patch be applied in order to v4.19.y, v4.14.y, v4.9.y and v4.4.y ?
>
> Tests run:
> * Chrome OS tryjobs
This doesn't fix a security vulnerability. There already was a check
for allocation failure before dereferencing the returned pointer; it
just wasn't in the most obvious place.
I've requested rejection of this CVE, and several other invalid reports
from the same person.
Ben.
--
Ben Hutchings
Experience is what causes a person to make new mistakes
instead of old ones.
Attachment:
signature.asc
Description: This is a digitally signed message part
