Bug ID: Bug 1115593 CVE ID: CVE-2018-19270 Description: USB: yurex: fix out-of-bounds uaccess in read handler Resolution Status: RESOLVED DUPLICATE of bug 1106095 Product: SUSE Security Incidents Component: Incidents Version: unspecified Hardware: aarch64 SLES 15 Severity: Normal Priority: P2 - High Assignee: Oliver Neukum QA Contact: Security Team bot CVE Request: CVE requested from Mitre Commits & Patches: - Fix commit: f1e255d60ae66a9f672ff9a207ee6cd8e33d2679 - Patch release: 4.4.141 stable kernel - Fix in SLE15 branch patches already released Affected Versions: - 2.6.37 and later - 4.18 and later fixed Additional Information: - Potential for kernel memory corruption and privilege escalation - Patch fixes out-of-bounds problem in USB driver - SUSE security update (SUSE-SU-2019:0095-1) addresses this among other 13 vulnerabilities