projects / linux.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 0726fca) | patch
sr9700: sanity check for packet length
authorOliver Neukum <oneukum@suse.com>
Thu, 17 Feb 2022 13:10:44 +0000 (14:10 +0100)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Wed, 2 Mar 2022 10:47:50 +0000 (11:47 +0100)
commit9f2d614779906f3d8ad4fb882c5b3e5ad6150bbe
treef6592d04c262504fa18700b6c14b7a31ad58d660tree | snapshot
parent0726fca0b6cc26a9ee6b0a0ac8984b8be0c62fb8commit | diff
sr9700: sanity check for packet length

commit e9da0b56fe27206b49f39805f7dcda8a89379062 upstream.

A malicious device can leak heap data to user space
providing bogus frame lengths. Introduce a sanity check.

Signed-off-by: Oliver Neukum <oneukum@suse.com>
Reviewed-by: Grant Grundler <grundler@chromium.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
drivers/net/usb/sr9700.c diff | blob | history
ep93xx device tree rework repo: git://git.maquefel.me/linux.git