]> www.infradead.org Git - users/jedix/linux-maple.git/commit
USB: digi_acceleport: do sanity checking for the number of ports
authorOliver Neukum <oneukum@suse.com>
Thu, 31 Mar 2016 16:04:26 +0000 (12:04 -0400)
committerChuck Anderson <chuck.anderson@oracle.com>
Sun, 5 Mar 2017 02:10:24 +0000 (18:10 -0800)
commitdab9c840e44cac8d78a617b55b1d2fd8acba98dd
tree8c5646158e4d40b7be44d47806a4bad24c3ed0bb
parentcff48f7deace38f8fe17962e1b3e87fb0f643328
USB: digi_acceleport: do sanity checking for the number of ports

Orabug: 22916868
CVE: CVE-2016-3140

The driver can be crashed with devices that expose crafted descriptors
with too few endpoints.

See: http://seclists.org/bugtraq/2016/Mar/61

Signed-off-by: Oliver Neukum <ONeukum@suse.com>
[johan: fix OOB endpoint check and add error messages ]
Cc: stable <stable@vger.kernel.org>
Signed-off-by: Johan Hovold <johan@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
(cherry picked from commit 5a07975ad0a36708c6b0a5b9fea1ff811d0b0c1f)
Signed-off-by: Brian Maly <brian.maly@oracle.com>
drivers/usb/serial/digi_acceleport.c