Andrey Konovalov daga Google
Daga cikin batutuwan 15, 13 an riga an daidaita su a cikin sabbin abubuwan sabunta kwaya na Linux, amma lahani biyu (CVE-2019-15290, CVE-2019-15291) sun kasance ba a gyara su a cikin sabon sakin 5.2.9. Lalacewar da ba a buɗe ba na iya haifar da NULL mai nuni a cikin direbobin ath6kl da b2c2 lokacin karɓar bayanan da ba daidai ba daga na'urar. Sauran raunin sun haɗa da:
- Samun dama ga wuraren ƙwaƙwalwar ajiya da aka riga aka saki (amfani-bayan-kyauta) a cikin direbobi v4l2-dev/radio-raremono, dvb-usb, sauti/core, cpia2 da p54usb;
- Ƙwaƙwalwar kyauta sau biyu a cikin direban Rio500;
- Manufofin NULL a cikin yurex, zr364xx, siano/smsusb, sisusbvga, line6/pcm, motu_microbooki da direbobin line6.
source: budenet.ru