Google Git
Sign in
android / kernel / common / 28bc0267399f4
commit28bc0267399f42f987916a7174e2e32f0833cc65[log] [tgz]
authorDan Carpenter <[email protected]>Tue Mar 01 11:04:24 2022 +0300
committerGreg Kroah-Hartman <[email protected]>Wed Mar 23 09:13:29 2022 +0100
tree4d007a9d89c87b53e926ac8d342a68c7a71a5ea0
parent2c010c61e614f3ae5d26bf0803797075cc649f0b [diff]
usb: gadget: rndis: prevent integer overflow in rndis_set_response()

commit 65f3324f4b6fed78b8761c3b74615ecf0ffa81fa upstream.

If "BufOffset" is very large the "BufOffset + 8" operation can have an
integer overflow.

Cc: [email protected]
Fixes: 38ea1eac7d88 ("usb: gadget: rndis: check size of RNDIS_MSG_SET command")
Signed-off-by: Dan Carpenter <[email protected]>
Link: https://lore.kernel.org/r/20220301080424.GA17208@kili
Signed-off-by: Greg Kroah-Hartman <[email protected]>
1 file changed
tree: 4d007a9d89c87b53e926ac8d342a68c7a71a5ea0
  1. arch/
  2. block/
  3. certs/
  4. crypto/
  5. Documentation/
  6. drivers/
  7. fs/
  8. include/
  9. init/
  10. ipc/
  11. kernel/
  12. lib/
  13. LICENSES/
  14. mm/
  15. net/
  16. samples/
  17. scripts/
  18. security/
  19. sound/
  20. tools/
  21. usr/
  22. virt/
  23. .clang-format
  24. .cocciconfig
  25. .get_maintainer.ignore
  26. .gitattributes
  27. .gitignore
  28. .mailmap
  29. COPYING
  30. CREDITS
  31. Kbuild
  32. Kconfig
  33. MAINTAINERS
  34. Makefile
  35. README
OSZAR »