kernel is vulnerable to arbitrary code execution. The vulnerability exists through an out-of-bounds access in the function build_audio_procunit
in the file sound/usb/mixer.c
.
lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html
lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html
access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.7_release_notes/index
access.redhat.com/errata/RHSA-2019:2029
access.redhat.com/security/updates/classification/#important
bugzilla.redhat.com/show_bug.cgi?id=1759059
cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.20.2
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f4351a199cc120ff9d59e06d02e8657d08e6cc46
security.netapp.com/advisory/ntap-20191004-0001/