CVE-2019-17666

rtlp2pnoa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow.

References

Affected packages

Git

git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
Events: Introduced

8fe28cb58bcb235034b64cbbb7550a8a43fd88be

Fixed

0ecfebd2b52404ae0c54a878c872bb93363ada36

Affected versions

v4.*

v4.20

v5.*

v5.0

v5.0-rc1

v5.0-rc2

v5.0-rc3

v5.0-rc4

v5.0-rc5

v5.0-rc6

v5.0-rc7

v5.0-rc8

v5.1

v5.1-rc1

v5.1-rc2

v5.1-rc3

v5.1-rc4

v5.1-rc5

v5.1-rc6

v5.1-rc7

v5.2-rc1

v5.2-rc2

v5.2-rc3

v5.2-rc4

v5.2-rc5

v5.2-rc6

v5.2-rc7

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-17666.json"

github.com/checkstyle/checkstyle

Affected ranges

Type: GIT
Repo: https://github.com/checkstyle/checkstyle
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

c77953b8a8ac160fbc83086b1dd80645e47f419e

Affected versions

Other

bcel

release1_1

release1_2

release1_3

release1_4

release2_0

release2_2

release2_4

release3_0

release3_1

release3_2

release3_3

release3_4

release4_0

release4_0_beta_1

release4_0_beta_2

release4_0_beta_3

release4_0_beta_4

release4_0_beta_5

release4_1

release4_2

release4_3

release4_4

release5_3

release5_4

release5_5

release5_6

release5_7

v2-branch_lmp

checkstyle-5.*

checkstyle-5.8

checkstyle-5.9

checkstyle-6.*

checkstyle-6.0

checkstyle-6.1

checkstyle-6.1.1

checkstyle-6.10

checkstyle-6.10.1

checkstyle-6.11

checkstyle-6.11.1

checkstyle-6.11.2

checkstyle-6.12

checkstyle-6.12.1

checkstyle-6.13

checkstyle-6.14

checkstyle-6.14.1

checkstyle-6.15

checkstyle-6.16

checkstyle-6.16.1

checkstyle-6.17

checkstyle-6.18

checkstyle-6.19

checkstyle-6.2

checkstyle-6.3

checkstyle-6.4

checkstyle-6.4.1

checkstyle-6.5

checkstyle-6.6

checkstyle-6.7

checkstyle-6.8

checkstyle-6.8.1

checkstyle-6.9

checkstyle-7.*

checkstyle-7.0

checkstyle-7.1

checkstyle-7.1.1

checkstyle-7.1.2

checkstyle-7.2

checkstyle-7.3

checkstyle-7.4

checkstyle-7.5

checkstyle-7.5.1

checkstyle-7.6

checkstyle-7.6.1

checkstyle-7.7

checkstyle-7.8

checkstyle-7.8.1

checkstyle-7.8.2

checkstyle-8.*

checkstyle-8.0

checkstyle-8.1

checkstyle-8.10

checkstyle-8.10.1

checkstyle-8.2

checkstyle-8.3

checkstyle-8.4

checkstyle-8.5

checkstyle-8.6

checkstyle-8.7

checkstyle-8.8

checkstyle-8.9

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-17666.json"

vanir_signatures

[
    {
        "deprecated": false,
        "signature_type": "Line",
        "digest": {
            "line_hashes": [
                "330783449895898490756523123912080443966",
                "211329588561842300411291328935119748590",
                "213335473798029909252127424008598975906",
                "59237672096858256397790723256279432533",
                "202743138070593260373554723328368231282",
                "54855662767261669893818210887353885885",
                "13220711924947749185391536602072999000",
                "239624186562695941056612124286120814699"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "source": "https://github.com/checkstyle/checkstyle/commit/c77953b8a8ac160fbc83086b1dd80645e47f419e",
        "id": "CVE-2019-17666-1337ed62",
        "target": {
            "file": "src/test/java/com/puppycrawl/tools/checkstyle/api/JavadocTokenTypesTest.java"
        }
    },
    {
        "deprecated": false,
        "signature_type": "Function",
        "digest": {
            "length": 253.0,
            "function_hash": "251828518032866550304416758956888341542"
        },
        "signature_version": "v1",
        "source": "https://github.com/checkstyle/checkstyle/commit/c77953b8a8ac160fbc83086b1dd80645e47f419e",
        "id": "CVE-2019-17666-15fff9a0",
        "target": {
            "file": "src/test/java/com/puppycrawl/tools/checkstyle/utils/JavadocUtilsTest.java",
            "function": "testGetTokenNameForLowerBoundInvalidId"
        }
    },
    {
        "deprecated": false,
        "signature_type": "Line",
        "digest": {
            "line_hashes": [
                "79051362574960102759184077249616579791",
                "139915517594237403462284197760163786126",
                "181515273874299777986811339415832867013",
                "211620816414269959643275459919778687078",
                "181993415527562832828189679908953834830",
                "327576928032556171137052786214372777530",
                "17851273704468831215773231152858683300",
                "308637961014553747925364979941159001339",
                "321723940989602473885352374175383191003",
                "205782275624595353211988703632924681754",
                "284927964502107770483183018484605798832",
                "55815529764773402201832410798008016195",
                "200145681589847390957386540235028938434"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "source": "https://github.com/checkstyle/checkstyle/commit/c77953b8a8ac160fbc83086b1dd80645e47f419e",
        "id": "CVE-2019-17666-36548546",
        "target": {
            "file": "src/test/java/com/puppycrawl/tools/checkstyle/utils/JavadocUtilsTest.java"
        }
    },
    {
        "deprecated": false,
        "signature_type": "Line",
        "digest": {
            "line_hashes": [
                "317882040206053455066057915000738642204",
                "87675796402599855558190118295172965921",
                "70327170075786414536983233354476761214",
                "287737240905024829312024010663308487848",
                "128943388809190120314050578088608893716",
                "169464091733456303866928285291570839216",
                "309037665555608347852434100136798276862"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "source": "https://github.com/checkstyle/checkstyle/commit/c77953b8a8ac160fbc83086b1dd80645e47f419e",
        "id": "CVE-2019-17666-8ce50253",
        "target": {
            "file": "src/main/java/com/puppycrawl/tools/checkstyle/api/JavadocTokenTypes.java"
        }
    },
    {
        "deprecated": false,
        "signature_type": "Line",
        "digest": {
            "line_hashes": [
                "43107011772664489665314974789670267383",
                "204479065451930649296980961411896426862",
                "19061927379621398292831046916224295835"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "source": "https://github.com/checkstyle/checkstyle/commit/c77953b8a8ac160fbc83086b1dd80645e47f419e",
        "id": "CVE-2019-17666-9396e84c",
        "target": {
            "file": "src/test/java/com/puppycrawl/tools/checkstyle/grammars/javadoc/JavadocParseTreeTest.java"
        }
    },
    {
        "deprecated": false,
        "signature_type": "Function",
        "digest": {
            "length": 109.0,
            "function_hash": "288265049863556219417251928001527812306"
        },
        "signature_version": "v1",
        "source": "https://github.com/checkstyle/checkstyle/commit/c77953b8a8ac160fbc83086b1dd80645e47f419e",
        "id": "CVE-2019-17666-9e22469c",
        "target": {
            "file": "src/test/java/com/puppycrawl/tools/checkstyle/utils/JavadocUtilsTest.java",
            "function": "testGetTokenNames"
        }
    },
    {
        "deprecated": false,
        "signature_type": "Function",
        "digest": {
            "length": 4559.0,
            "function_hash": "261526603684767633202958313733574576571"
        },
        "signature_version": "v1",
        "source": "https://github.com/checkstyle/checkstyle/commit/c77953b8a8ac160fbc83086b1dd80645e47f419e",
        "id": "CVE-2019-17666-d7758f60",
        "target": {
            "file": "src/test/java/com/puppycrawl/tools/checkstyle/grammars/javadoc/GeneratedJavadocTokenTypesTest.java",
            "function": "testRuleNumbers"
        }
    },
    {
        "deprecated": false,
        "signature_type": "Line",
        "digest": {
            "line_hashes": [
                "23675366995699736357529571430061886362",
                "99052491524682567823728523078998028178",
                "88055791357096678314915215211507554832",
                "22237108984851818323672294360141278467",
                "121129236011644378832433326831203878368",
                "99474065213783021100161513576388432277",
                "331298648465641052220981915489006725629",
                "141019705209049253346213568137806403784"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "source": "https://github.com/checkstyle/checkstyle/commit/c77953b8a8ac160fbc83086b1dd80645e47f419e",
        "id": "CVE-2019-17666-d78d2321",
        "target": {
            "file": "src/test/java/com/puppycrawl/tools/checkstyle/grammars/javadoc/GeneratedJavadocTokenTypesTest.java"
        }
    },
    {
        "deprecated": false,
        "signature_type": "Function",
        "digest": {
            "length": 9930.0,
            "function_hash": "206163383830211621143959656966745810187"
        },
        "signature_version": "v1",
        "source": "https://github.com/checkstyle/checkstyle/commit/c77953b8a8ac160fbc83086b1dd80645e47f419e",
        "id": "CVE-2019-17666-e7ea67e9",
        "target": {
            "file": "src/test/java/com/puppycrawl/tools/checkstyle/api/JavadocTokenTypesTest.java",
            "function": "testTokenValues"
        }
    },
    {
        "deprecated": false,
        "signature_type": "Function",
        "digest": {
            "length": 5404.0,
            "function_hash": "198050984030235009635825395411622204735"
        },
        "signature_version": "v1",
        "source": "https://github.com/checkstyle/checkstyle/commit/c77953b8a8ac160fbc83086b1dd80645e47f419e",
        "id": "CVE-2019-17666-ea014642",
        "target": {
            "file": "src/test/java/com/puppycrawl/tools/checkstyle/grammars/javadoc/GeneratedJavadocTokenTypesTest.java",
            "function": "testTokenNumbers"
        }
    }
]