oss-sec mailing list archives

CVE Request: integer overflow in ALSA snd_compress_check_input


From: Marcus Meissner <meissner () suse de>
Date: Tue, 28 Jun 2016 12:54:10 +0200

Hi,

Someone seems to have assigned CVE-2014-9904 to commit 

commit 6217e5ede23285ddfee10d2e4ba0cc2d4c046205
Author: Dan Carpenter <dan.carpenter () oracle com>
Date:   Wed Jul 16 09:37:04 2014 +0300

    ALSA: compress: fix an integer overflow check
    
    I previously added an integer overflow check here but looking at it now,
    it's still buggy.
    
    The bug happens in snd_compr_allocate_buffer().  We multiply
    ".fragments" and ".fragment_size" and that doesn't overflow but then we
    save it in an unsigned int so it truncates the high bits away and we
    allocate a smaller than expected size.
    
    Fixes: b35cc8225845 ('ALSA: compress_core: integer overflow in snd_compr_allocate_buffer()')
    Signed-off-by: Dan Carpenter <dan.carpenter () oracle com>
    Signed-off-by: Takashi Iwai <tiwai () suse de>


but there was no 2012 CVE assignment to the original fixing commit b35cc8225845 as far as I see:

commit b35cc8225845112a616e3a2266d2fde5ab13d3ab
Author: Dan Carpenter <dan.carpenter () oracle com>
Date:   Wed Sep 5 15:32:18 2012 +0300

    ALSA: compress_core: integer overflow in snd_compr_allocate_buffer()
    
    These are 32 bit values that come from the user, we need to check for
    integer overflows or we could end up allocating a smaller buffer than
    expected.
    
    Signed-off-by: Dan Carpenter <dan.carpenter () oracle com>
    Signed-off-by: Takashi Iwai <tiwai () suse de>


Is there a 2012 CVE for it?

Ciao, Marcus
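
The truncation described in the 2014 commit message, as an added example that is not part of the original mail or the kernel source: the product of two 32-bit user values passes a check bounded by a 64-bit type, then loses its high bits when saved in a 32-bit variable. The function names, the use of uint64_t to model a 64-bit size_t, the INT_MAX bound, and the sample values are assumptions constructed for illustration.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical names; both arguments are 32-bit values supplied by the user. */

/* Bound taken from a 64-bit type (models size_t on a 64-bit kernel):
 * the product of two 32-bit values always fits, so this only rejects 0. */
static int check_wide(uint32_t fragment_size, uint32_t fragments)
{
    if (fragment_size == 0 || fragments > UINT64_MAX / fragment_size)
        return -1;
    return 0;
}

/* Bound taken from the type the result is stored in (assumed here:
 * INT_MAX, so the product also fits a 32-bit unsigned int). */
static int check_narrow(uint32_t fragment_size, uint32_t fragments)
{
    if (fragment_size == 0 || fragments > INT_MAX / fragment_size)
        return -1;
    return 0;
}

/* Size the caller expects: the full 64-bit product. */
static uint64_t expected_size(uint32_t fragment_size, uint32_t fragments)
{
    return (uint64_t)fragment_size * fragments;
}

/* Size actually allocated once the product is saved in a 32-bit variable. */
static uint32_t stored_size(uint32_t fragment_size, uint32_t fragments)
{
    return (uint32_t)expected_size(fragment_size, fragments);
}

int main(void)
{
    /* Constructed sample values: 0x10000 * 0x10001 = 0x100010000. */
    uint32_t fsize = 0x10000, frags = 0x10001;

    printf("expected %llu, stored %u\n",
           (unsigned long long)expected_size(fsize, frags),
           (unsigned)stored_size(fsize, frags));
    printf("wide check: %d, narrow check: %d\n",
           check_wide(fsize, frags), check_narrow(fsize, frags));
    return 0;
}
```
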

