On Sun, Jan 19, 2020 at 02:40:29PM +0100, gregkh@xxxxxxxxxxxxxxxxxxx wrote:
The patch below does not apply to the 4.14-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable@xxxxxxxxxxxxxxx>.
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From e37d1aeda737a20b1846a91a3da3f8b0f00cf690 Mon Sep 17 00:00:00 2001
From: Johan Hovold <johan@xxxxxxxxxx>
Date: Fri, 17 Jan 2020 10:50:23 +0100
Subject: [PATCH] USB: serial: io_edgeport: handle unbound ports on URB
completion
Check for NULL port data in the shared interrupt and bulk completion
callbacks to avoid dereferencing a NULL pointer in case a device sends
data for a port device which isn't bound to a driver (e.g. due to a
malicious device having unexpected endpoints or after an allocation
failure on port probe).
Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
Cc: stable <stable@xxxxxxxxxxxxxxx>
Reviewed-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
Signed-off-by: Johan Hovold <johan@xxxxxxxxxx>
I also took dd1fae527612 ("USB: serial: io_edgeport: use irqsave() in
USB's complete callback") as a fix on it's own, and queued both for
4.14-4.4.
--
Thanks,
Sasha
