Bug 1150468 - (CVE-2019-16230) VUL-1: DISPUTED: CVE-2019-16230: kernel-source: NULL pointer dereference in alloc_workqueue in drivers/gpu/drm/radeon/radeon_display.c
VUL-1: DISPUTED: CVE-2019-16230: kernel-source: NULL pointer dereference in a...
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
Other Other
: P4 - Low : Normal
: ---
Assigned To: E-mail List
Security Team bot
Depends on:
  Show dependency treegraph
Reported: 2019-09-12 07:55 UTC by Alexander Bergmann
Modified: 2020-06-29 06:42 UTC (History)
6 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Alexander Bergmann 2019-09-12 07:55:52 UTC

drivers/gpu/drm/radeon/radeon_display.c in the Linux kernel 5.2.14 does not
check the alloc_workqueue return value, leading to a NULL pointer dereference.

Comment 10 Thomas Zimmermann 2020-02-04 10:43:37 UTC
Looking at

> https://lkml.org/lkml/2019/9/9/487

the radeon change is still missing from v5.5. The other changes are in non-DRM code. Someone with net and/or scsi credentials should look at them.
Comment 11 Borislav Petkov 2020-02-14 09:49:28 UTC
Ok, so AFAICT, this CVE is only for the radeon part. And considering how debatable are those "fixes", I think we can simply say that this is not fixed upstream and not fixed in our kernels either.
Comment 12 Marcus Meissner 2020-02-21 15:42:44 UTC
The allocation is usually happening on module load, which happens for this driver during bootup.

It is not controllable by an attacker.

It is also unlikely to have an OOM condition at this time.

We will not fix this.
Comment 13 Marcus Meissner 2020-02-25 10:53:40 UTC
dispute was also accepted by Mitre.