Bug 1146535 (CVE-2019-15223)

Summary: VUL-1: CVE-2019-15223: kernel-source: NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/driver.c
Product: [Novell Products] SUSE Security Incidents Reporter: Alexandros Toptsoglou <atoptsoglou>
Component: IncidentsAssignee: Takashi Iwai <tiwai>
Status: RESOLVED UPSTREAM QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P5 - None CC: smash_bz, tiwai
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/240477/
Found By: Security Response Team Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Comment 1 Alexandros Toptsoglou 2019-08-21 11:32:13 UTC
Our kernels are not affected by this issue which was introduced with commit at [1]. TW ships a version which ships already the fix. 

[1] https://github.com/torvalds/linux/commit/7f84ff68be05ec7a5d2acf8fdc734fe5897af48f