In the Linux kernel, the following vulnerability has been resolved: nfc: nci: Fix uninit-value in nci_rx_work syzbot reported the following uninit-value access issue [1] nci_rx_work() parses received packet from ndev->rx_q. It should be validated header size, payload size and total packet size before processing the packet. If an invalid packet is detected, it should be silently discarded.
| Product | Vendor | Version |
|---|---|---|
| Linux | Linux | 16.2 versions prior to 16.2R2-S9 |
| Linux | Linux | 17.1 versions prior to 17.1R3 |
| Linux | Linux | n/a |
| Linux | Linux | 10 Version 1709 for x64-based Systems |