An issue was discovered in wcd9335_codec_enable_dec in sound/soc/codecs/wcd9335.c in the Linux kernel through 5.1.5. It uses kstrndup instead of kmemdup_nul, which allows attackers to have an unspecified impact via unknown vectors. NOTE: The vendor disputes this issues as not being a vulnerability because switching to kmemdup_nul() would only fix a security issue if the source string wasn't NUL-terminated, which is not the case
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2019-05-30T03:04:34
Updated: 2024-08-04T23:17:40.130Z
Reserved: 2019-05-29T00:00:00
Link: CVE-2019-12454
Vulnrichment
Updated: 2024-08-04T23:17:40.130Z
NVD
Status : Modified
Published: 2019-05-30T04:29:01.807
Modified: 2024-08-05T00:15:22.540
Link: CVE-2019-12454
Redhat