git.kernel.dk Git - linux-block.git/commit

author	Oliver Neukum <oneukum@suse.com>
	Thu, 17 Feb 2022 13:10:44 +0000 (14:10 +0100)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Wed, 2 Mar 2022 10:42:47 +0000 (11:42 +0100)
commit	4f5f5411f0c14ac0b61d5e6a77d996dd3d5b5fd3
tree	5e8a7ac457f68e0e5139639c522750c5faae3f15	tree
parent	55eec5c630eac8034bbfb772bb2e2bccc0777a2b	commit \| diff

sr9700: sanity check for packet length

commit e9da0b56fe27206b49f39805f7dcda8a89379062 upstream.

A malicious device can leak heap data to user space
providing bogus frame lengths. Introduce a sanity check.

Signed-off-by: Oliver Neukum <oneukum@suse.com>
Reviewed-by: Grant Grundler <grundler@chromium.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

drivers/net/usb/sr9700.c

diff | blob | blame | history

Linux 6.x block layer and io_uring tree(s)

RSS Atom