On Mon, Aug 01, 2016 at 12:18:54PM -0400, Alan Stern wrote: > Erroneous or malicious endpoint descriptors may have non-zero bits in > reserved positions, or out-of-bounds values. This patch helps prevent > these from causing problems by bounds-checking the wMaxPacketValue > entries in endpoint descriptors and capping the values at the maximum > allowed. > > Signed-off-by: Alan Stern <stern@xxxxxxxxxxxxxxxxxxx> > Reported-by: roswest <roswest@xxxxxxxxx> > Tested-by: roswest <roswest@xxxxxxxxx> > > --- > > I don't think this needs to go into the -stable kernels, but if anyone > disagrees I won't object. It's a "hardening" think to fix a known issue, I think it should go there, but will wait for some testing in Linus's tree before doing so. thanks, greg k-h -- To unsubscribe from this list: send the line "unsubscribe linux-usb" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
