Lucene search

K
ubuntucveUbuntu.comUB:CVE-2019-12454
HistoryMay 30, 2019 - 12:00 a.m.

CVE-2019-12454

2019-05-3000:00:00
ubuntu.com
ubuntu.com
8

0.0004 Low

EPSS

Percentile

13.8%

DISPUTED An issue was discovered in wcd9335_codec_enable_dec in
sound/soc/codecs/wcd9335.c in the Linux kernel through 5.1.5. It uses
kstrndup instead of kmemdup_nul, which allows attackers to have an
unspecified impact via unknown vectors. NOTE: The vendor disputes this
issues as not being a vulnerability because switching to kmemdup_nul()
would only fix a security issue if the source string wasn’t NUL-terminated,
which is not the case.

Notes

Author Note
tyhicks There’s no security impact here from what I can tell. I’ve requested that MITRE reject this CVE.

0.0004 Low

EPSS

Percentile

13.8%