Jakub Jirasek from Secunia Research at Flexera reported security
vulnerabilities in the USB over IP driver. This patch series all
the 4 reported problems.
Jakub, could you please suggest an email address I can use for the
Reported-by tag?
Shuah Khan (4):
usbip: fix stub_rx: get_pipe() to validate endpoint number
usbip: fix stub_rx: harden CMD_SUBMIT path to handle malicious input
usbip: prevent vhci_hcd driver from leaking a socket pointer address
usbip: fix stub_send_ret_submit() vulnerability to null
transfer_buffer
drivers/usb/usbip/stub_rx.c | 51 +++++++++++++++++++++++++++++-------
drivers/usb/usbip/stub_tx.c | 7 +++++
drivers/usb/usbip/usbip_common.h | 1 +
drivers/usb/usbip/vhci_sysfs.c | 25 +++++++++++-------
tools/usb/usbip/libsrc/vhci_driver.c | 8 +++---
5 files changed, 69 insertions(+), 23 deletions(-)
--
2.14.1
--
To unsubscribe from this list: send the line "unsubscribe linux-usb" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
