An issue was discovered in the Linux kernel before 4.20.15. The nfc_llcp_build_tlv function in net/nfc/llcp_commands.c may return NULL. If the caller does not check for this, it will trigger a NULL pointer dereference. This will cause denial of service. This affects nfc_llcp_build_gb in net/nfc/llcp_core.c.
https://usn.ubuntu.com/4118-1/
https://usn.ubuntu.com/4094-1/
https://github.com/torvalds/linux/commit/58bdd544e2933a21a51eecf17c3f5f94038261b5
http://www.securityfocus.com/bid/108776
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00040.html
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00039.html