Javier Martinez Canillas 128c16a682 usb: Avoid possible out-of-bound accesses caused by malicious devices ...

The maximum number of configurations and interfaces are fixed but there is
no out-of-bound checking to prevent a malicious USB device to report large
values for these and cause accesses outside the arrays' memory.

Fixes: CVE-2020-25647

Reported-by: Joseph Tartaro <joseph.tartaro@ioactive.com>
Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>

2021-03-02 15:54:15 +01:00

..

serial

Add gcc_struct to all packed structures when compiling with mingw.

2013-12-15 14:14:30 +01:00

ehci-fdt.c

arm_coreboot: Support EHCI.

2017-05-08 22:15:05 +02:00

ehci-pci.c

ehci: Split core code from PCI part.

2017-05-08 22:10:26 +02:00

ehci.c

ehci: Fix compilation on i386

2017-07-09 21:31:19 +02:00

ohci.c

ohci: fix memory leak

2015-06-20 23:38:19 +03:00

uhci.c

uhci: Fix null pointer dereference.

2015-01-24 20:38:12 +01:00

usb.c

usb: Avoid possible out-of-bound accesses caused by malicious devices

2021-03-02 15:54:15 +01:00

usbhub.c

calloc: Use calloc() at most places

2020-07-29 16:55:47 +02:00

usbtrans.c

arm_coreboot: Support EHCI.

2017-05-08 22:15:05 +02:00