projects / linux.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 198ab40) | patch
cdc-acm: fix possible invalid access when processing notification
authorTobias Herzog <t-herzog@gmx.de>
Thu, 30 Mar 2017 20:15:10 +0000 (22:15 +0200)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Thu, 25 May 2017 13:44:36 +0000 (15:44 +0200)
commit809ae061d998359783c1bb0c52bba14f4a6397c4
tree96f2da7d48e5e0954989c66b3595e63af8e49141tree
parent198ab4031873b5511d6ef9b4777cabc4eebcaf18commit | diff
cdc-acm: fix possible invalid access when processing notification

commit 1bb9914e1730417d530de9ed37e59efdc647146b upstream.

Notifications may only be 8 bytes long. Accessing the 9th and
10th byte of unimplemented/unknown notifications may be insecure.
Also check the length of known notifications before accessing anything
behind the 8th byte.

Signed-off-by: Tobias Herzog <t-herzog@gmx.de>
Acked-by: Oliver Neukum <oneukum@suse.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
drivers/usb/class/cdc-acm.c diff | blob | history