Bugzilla – Bug 1150468
VUL-1: DISPUTED: CVE-2019-16230: kernel-source: NULL pointer dereference in alloc_workqueue in drivers/gpu/drm/radeon/radeon_display.c
Last modified: 2020-06-29 06:42:25 UTC
CVE-2019-16230
drivers/gpu/drm/radeon/radeon_display.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-16230
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16230
https://lkml.org/lkml/2019/9/9/487
Looking at
> https://lkml.org/lkml/2019/9/9/487
the radeon change is still missing from v5.5. The other changes are in non-DRM code. Someone with net and/or scsi credentials should look at them.
Ok, so AFAICT, this CVE is only for the radeon part. And considering how debatable those "fixes" are, I think we can simply say that this is not fixed upstream and not fixed in our kernels either.
The allocation is usually happening on module load, which happens for this driver during bootup. It is not controllable by an attacker. It is also unlikely to have an OOM condition at this time. We will not fix this.
Dispute was also accepted by Mitre.