2
0
mirror of https://github.com/edk2-porting/linux-next.git synced 2024-12-29 23:53:55 +08:00
linux-next/drivers
Benjamin Tissoires 8821f5dc18 HID: multitouch: validate indexes details
When working on report indexes, always validate that they are in bounds.
Without this, a HID device could report a malicious feature report that
could trick the driver into a heap overflow:

[  634.885003] usb 1-1: New USB device found, idVendor=0596, idProduct=0500
...
[  676.469629] BUG kmalloc-192 (Tainted: G        W   ): Redzone overwritten

Note that we need to change the indexes from s8 to s16 as they can
be between -1 and 255.

CVE-2013-2897

Cc: stable@vger.kernel.org
Signed-off-by: Benjamin Tissoires <benjamin.tissoires@redhat.com>
Acked-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
2013-09-13 15:13:52 +02:00
..
accessibility
acpi Merge branch 'i2c/for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux 2013-09-05 09:31:03 -07:00
amba
ata Merge branch 'for-3.12' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/libata 2013-09-03 18:19:53 -07:00
atm atm: he: print MAC via %pM 2013-09-04 14:41:55 -04:00
auxdisplay
base Merge branch 'next' of git://git.kernel.org/pub/scm/virt/kvm/kvm 2013-09-04 18:15:06 -07:00
bcma
block Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2013-09-06 09:36:28 -07:00
bluetooth
bus ARM: SoC platform changes for 3.12 2013-09-06 13:30:06 -07:00
cdrom
char Merge branch 'ipmi' 2013-09-05 08:34:38 -07:00
clk ARM: SoC platform changes for 3.12 2013-09-06 13:30:06 -07:00
clocksource ARM: SoC board updates for 3.12 2013-09-06 13:34:43 -07:00
connector
cpufreq ACPI and power management updates for 3.12-rc1 2013-09-03 15:59:39 -07:00
cpuidle cpuidle: coupled: fix race condition between pokes and safe state 2013-08-29 22:15:34 +02:00
crypto
dca
devfreq
dio
dma Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2013-09-05 08:50:26 -07:00
edac Merge git://git.kernel.org/pub/scm/linux/kernel/git/cmetcalf/linux-tile 2013-09-06 11:14:33 -07:00
eisa
extcon Driver core patches for 3.12-rc1 2013-09-03 11:37:15 -07:00
firewire
firmware Big part of this is the addition of compression to the 2013-09-03 21:14:06 -07:00
fmc
gpio gpio: (gpio-pca953x) move header to linux/platform_data/ 2013-08-29 12:33:52 -07:00
gpu Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2013-09-06 09:36:28 -07:00
hid HID: multitouch: validate indexes details 2013-09-13 15:13:52 +02:00
hsi
hv Drivers: hv: vmbus: Do not attempt to negoatiate a new version prematurely 2013-08-30 12:08:04 -07:00
hwmon New driver for HTU21D (humidity sensor) 2013-09-03 10:43:35 -07:00
hwspinlock
i2c i2c: rcar: add rcar-H2 support 2013-09-04 11:49:16 +01:00
ide ide: sgiioc4: Staticize ioc4_ide_attach_one() 2013-09-05 15:21:30 -04:00
idle
iio staging tree merge for 3.12-rc1 2013-09-03 11:37:57 -07:00
infiniband Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2013-09-06 09:36:28 -07:00
input ARM: SoC DT updates for 3.12 2013-09-06 13:26:27 -07:00
iommu
ipack
irqchip ARM: SoC cleanups for 3.12 2013-09-06 13:21:16 -07:00
isdn Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2013-09-05 14:54:29 -07:00
leds ARM: SoC board updates for 3.12 2013-09-06 13:34:43 -07:00
lguest
macintosh
mailbox
md SCSI misc on 20130903 2013-09-03 15:48:06 -07:00
media Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/benh/powerpc 2013-09-06 10:49:42 -07:00
memory ARM: SoC platform changes for 3.12 2013-09-06 13:30:06 -07:00
memstick
message
mfd ARM: SoC low-priority fixes for 3.12 2013-09-06 13:17:02 -07:00
misc Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2013-09-05 08:50:26 -07:00
mmc ARM: SoC board updates for 3.12 2013-09-06 13:34:43 -07:00
mtd
net Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2013-09-06 09:36:28 -07:00
nfc
ntb
nubus
of ARM: SoC platform changes for 3.12 2013-09-06 13:30:06 -07:00
oprofile oprofile: get rid of pointless forward declarations of struct super_block 2013-09-03 22:52:48 -04:00
parisc PCI changes for the v3.12 merge window: 2013-09-03 16:24:35 -07:00
parport drivers: parport: Kconfig: exclude h8300 for PARPORT_PC 2013-08-30 12:08:04 -07:00
pci ARM: SoC platform changes for 3.12 2013-09-06 13:30:06 -07:00
pcmcia
pinctrl PTR_RET() is a weird name, and led to some confusing usage. We ended 2013-09-04 17:31:11 -07:00
platform PTR_RET() is a weird name, and led to some confusing usage. We ended 2013-09-04 17:31:11 -07:00
pnp
power
pps
ps3
ptp
pwm ARM: SoC cleanups for 3.12 2013-09-06 13:21:16 -07:00
rapidio
regulator PTR_RET() is a weird name, and led to some confusing usage. We ended 2013-09-04 17:31:11 -07:00
remoteproc
reset
rpmsg
rtc PTR_RET() is a weird name, and led to some confusing usage. We ended 2013-09-04 17:31:11 -07:00
s390 SCSI misc on 20130903 2013-09-03 15:48:06 -07:00
sbus
scsi Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2013-09-06 09:36:28 -07:00
sfi
sh
sn
spi ARM: SoC DT updates for 3.12 2013-09-06 13:26:27 -07:00
ssb
staging Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2013-09-05 14:54:29 -07:00
target target: Fix se_cmd->state_list leak regression during WRITE failure 2013-08-31 15:19:12 -07:00
tc
thermal
tty ARM: SoC DT updates for 3.12 2013-09-06 13:26:27 -07:00
uio Driver core patches for 3.12-rc1 2013-09-03 11:37:15 -07:00
usb Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/benh/powerpc 2013-09-06 10:49:42 -07:00
uwb
vfio
vhost vhost_net: correctly limit the max pending buffers 2013-09-03 22:46:58 -04:00
video ARM: SoC board updates for 3.12 2013-09-06 13:34:43 -07:00
virt
virtio
vlynq
vme vme: vme_ca91cx42.c: fix to pass correct device identity to free_irq() 2013-08-27 21:49:26 -07:00
w1
watchdog
xen Features: 2013-09-04 17:45:39 -07:00
zorro
Kconfig
Makefile