Unrated severityNVD Advisory· Published May 30, 2019· Updated Aug 4, 2024
CVE-2019-12454
CVE-2019-12454
Description
An issue was discovered in wcd9335_codec_enable_dec in sound/soc/codecs/wcd9335.c in the Linux kernel through 5.1.5. It uses kstrndup instead of kmemdup_nul, which allows attackers to have an unspecified impact via unknown vectors. NOTE: The vendor disputes this issues as not being a vulnerability because switching to kmemdup_nul() would only fix a security issue if the source string wasn't NUL-terminated, which is not the case
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Linux/Linux kerneldescription
- Range: <=5.1.5
Patches
Vulnerability mechanics
References
6- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J36BIJTKEPUOZKJNHQBUZA47RQONUKOI/mitrevendor-advisoryx_refsource_FEDORA
- bugzilla.suse.com/show_bug.cgimitrex_refsource_MISC
- git.kernel.org/pub/scm/linux/kernel/git/broonie/sound.git/commit/mitrex_refsource_MISC
- lkml.org/lkml/2019/5/29/705mitrex_refsource_MISC
- support.f5.com/csp/article/K13523672mitrex_refsource_CONFIRM
- support.f5.com/csp/article/K13523672mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.