On Fri, Apr 13, 2018 at 05:48:31AM -0300, Mauro Carvalho Chehab wrote: > Hi Greg, > > There are two important v4l2-core fixes on the patches merged this week by > Linux. > > 1) media: v4l2-core: fix size of devnode_nums[] bitarray > > This patch correct a regression against Kernel 4.16. It affects notebooks > with advanced Synaptics mice (and similar touch devices). On those devices, > the pad produces an image with is handled via V4L2. Without this patch, > the input driver OOPSes at probing time: > > https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a95845ba184b854106972f5d8f50354c2d272c06 > > 2) v4l2-compat-ioctl32: don't oops on overlay > > This patch complements the security fix we've made at the V4L2 core > compat32 logic. It fixes an illegal use of an __user pointer without > first convert into a Kernel pointer with get_user(). It wasn't detect > before, as it uses an obscure streaming mode of V4L2 (overlay mode): > > https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=85ea29f19eab56ec16ec6b92bc67305998706afa > > This one should go all the way down to stable Kernels. Here, I was able > to reproduce the bug with both upstream Kernel and Kernel 3.18. The > patch applied without any conflicts on both. > > Could you please add both on your next set of -stable releases? Both now queued up, thanks, greg k-h