github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-06-07 14:04:54 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph
5dc7e939b6
linux/drivers
History
Vladis Dronov a1d0a23831 Input: ati_remote2 - fix crashes on detecting device with invalid descriptor 
commit 950336ba3e upstream.

The ati_remote2 driver expects at least two interfaces with one
endpoint each. If given malicious descriptor that specify one
interface or no endpoints, it will crash in the probe function.
Ensure there is at least two interfaces and one endpoint for each
interface before using it.

The full disclosure: http://seclists.org/bugtraq/2016/Mar/90

Reported-by: Ralf Spenneberg <ralf@spenneberg.net>
Signed-off-by: Vladis Dronov <vdronov@redhat.com>
Signed-off-by: Dmitry Torokhov <dmitry.torokhov@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2016-04-12 09:09:04 -07:00
..
accessibility
acpi ACPI / PM: Runtime resume devices when waking from hibernate 2016-04-12 09:09:03 -07:00
amba
android drivers: android: correct the size of struct binder_uintptr_t for BC_DEAD_BINDER_DONE 2016-03-03 15:07:10 -08:00
ata pata-rb532-cf: get rid of the irq_to_gpio() call 2016-03-09 15:34:53 -08:00
atm
auxdisplay
base base/platform: Fix platform drivers with no probe callback 2016-02-17 12:30:55 -08:00
bcma
block brd: Fix discard request processing 2016-04-12 09:08:53 -07:00
bluetooth Bluetooth: Add new AR3012 ID 0489:e095 2016-04-12 09:08:54 -07:00
bus bus: sunxi-rsb: Fix peripheral IC mapping runtime address 2015-12-22 11:42:30 -08:00
cdrom
char tpm: fix the cleanup of struct tpm_chip 2016-04-12 09:08:47 -07:00
clk clk: bcm2835: Fix setting of PLL divider clock rates 2016-04-12 09:09:02 -07:00
clocksource clockevents/tcb_clksrc: Prevent disabling an already disabled clock 2016-03-03 15:07:15 -08:00
connector connector: bump skb->users before callback invocation 2016-01-04 21:46:45 -05:00
cpufreq cpufreq: Fix NULL reference crash while accessing policy->governor_data 2016-03-03 15:07:25 -08:00
cpuidle
crypto crypto: marvell/cesa - forward devm_ioremap_resource() error code 2016-04-12 09:08:46 -07:00
dca
devfreq
dio
dma dmaengine: at_xdmac: fix residue computation 2016-03-16 08:42:58 -07:00
dma-buf
edac EDAC, amd64_edac: Shift wrapping issue in f1x_get_norm_dct_addr() 2016-04-12 09:08:36 -07:00
eisa
extcon
firewire
firmware efi: Add pstore variables to the deletion whitelist 2016-03-03 15:07:09 -08:00
fmc
fpga fpga manager: Fix firmware resource leak on error 2015-11-24 15:25:46 -08:00
gpio gpio: revert get() to non-errorprogating behaviour 2015-12-17 15:48:29 +01:00
gpu drm/amdgpu: include the right version of gmc header files for iceland 2016-04-12 09:08:59 -07:00
hid HID: fix hid_ignore_special_drivers module parameter 2016-04-12 09:08:48 -07:00
hsi
hv Drivers: hv: vmbus: Fix a Host signaling bug 2016-03-03 15:07:16 -08:00
hwmon hwmon: (ads1015) Handle negative conversion values correctly 2016-03-03 15:07:25 -08:00
hwspinlock drivers/hwspinlock: fix race between radix tree insertion and lookup 2016-02-25 12:01:23 -08:00
hwtracing coresight: checking for NULL string in coresight_name_match() 2016-03-03 15:07:14 -08:00
i2c i2c: brcmstb: allocate correct amount of memory for regmap 2016-03-09 15:34:56 -08:00
ide
idle
iio iio: inkern: fix a NULL dereference on error 2016-02-25 12:01:17 -08:00
infiniband iser-target: Rework connection termination 2016-04-12 09:09:03 -07:00
input Input: ati_remote2 - fix crashes on detecting device with invalid descriptor 2016-04-12 09:09:04 -07:00
iommu iommu/vt-d: Use BUS_NOTIFY_REMOVED_DEVICE in hotplug path 2016-03-09 15:34:51 -08:00
ipack
irqchip irqchip/gic-v3-its: Fix double ICC_EOIR write for LPI in EOImode==1 2016-03-03 15:07:14 -08:00
isdn ser_gigaset: remove unnecessary kfree() calls from release method 2015-12-15 13:24:21 -05:00
leds
lguest
lightnvm lightnvm: wrong offset in bad blk lun calculation 2015-12-29 08:28:32 -07:00
macintosh
mailbox
mcb
md md: multipath: don't hardcopy bio in .make_request path 2016-04-12 09:08:57 -07:00
media media: v4l2-compat-ioctl32: fix missing length copy in put_v4l2_buffer32 2016-04-12 09:08:50 -07:00
memory fsl-ifc: add missing include on ARM64 2015-12-16 00:16:58 +01:00
memstick
message
mfd
misc mei: bus: check if the device is enabled before data transfer 2016-04-12 09:08:46 -07:00
mmc mmc: sdhci: Fix override of timeout clk wrt max_busy_timeout 2016-04-12 09:09:02 -07:00
mtd ubi: Fix out of bounds write in volume update code 2016-03-09 15:34:56 -08:00
net iwlwifi: mvm: Fix paging memory leak 2016-04-12 09:08:58 -07:00
nfc
ntb
nubus
nvdimm libnvdimm: Fix security issue with DSM IOCTL. 2016-04-12 09:08:39 -07:00
nvme NVMe: IO ending fixes on surprise removal 2015-12-22 10:12:04 -07:00
nvmem
of of: alloc anywhere from memblock if range not specified 2016-04-12 09:08:55 -07:00
oprofile
parisc parisc iommu: fix panic due to trying to allocate too large region 2015-12-12 16:07:25 +01:00
parport
pci PCI: Disable IO/MEM decoding for devices with non-compliant BARs 2016-04-12 09:08:37 -07:00
pcmcia
perf
phy phy: core: fix wrong err handle for phy_power_on 2016-03-03 15:07:28 -08:00
pinctrl pinctrl-bcm2835: Fix cut-and-paste error in "pull" parsing 2016-04-12 09:08:37 -07:00
platform ideapad-laptop: Add ideapad Y700 (15) to the no_hw_rfkill DMI list 2016-04-12 09:09:01 -07:00
pnp
power
powercap powercap / RAPL: fix BIOS lock check 2015-12-12 02:31:11 +01:00
pps
ps3
ptp
pwm
rapidio
ras
regulator regulator: core: Fix nested locking of supplies 2016-04-12 09:08:31 -07:00
remoteproc remoteproc: fix memory leak of remoteproc ida cache layers 2015-11-26 17:44:28 +02:00
reset
rpmsg
rtc rtc: da9063: fix access ordering error during RTC interrupt at system power on 2015-12-20 13:39:29 +01:00
s390 s390/dasd: fix diag 0x250 inline assembly 2016-03-16 08:42:58 -07:00
sbus
scsi ipr: Fix regression when loading firmware 2016-04-12 09:08:58 -07:00
sfi
sh drivers: sh: Restore legacy clock domain on SuperH platforms 2016-03-09 15:34:49 -08:00
sn
soc Few Keystone fixes for 4.4-rcx 2015-11-25 23:48:12 +01:00
spi spi: atmel: fix gpio chip-select in case of non-DT platform 2016-03-03 15:07:27 -08:00
spmi
ssb
staging staging: comedi: ni_mio_common: fix the ni_write[blw]() functions 2016-04-12 09:08:49 -07:00
target target: Fix target_release_cmd_kref shutdown comp leak 2016-04-12 09:09:02 -07:00
tc
thermal Thermal: Ignore invalid trip points 2016-04-12 09:08:35 -07:00
thunderbolt
tty 8250: use callbacks to access UART_DLL/UART_DLM 2016-04-12 09:08:49 -07:00
uio
usb USB: option: add "D-Link DWM-221 B1" device id 2016-04-12 09:08:42 -07:00
uwb
vfio vfio: fix ioctl error handling 2016-03-09 15:34:50 -08:00
vhost vhost: replace % with & on data path 2015-12-07 17:28:10 +02:00
video fbcon: set a default value to blink interval 2016-03-09 15:34:50 -08:00
virt
virtio virtio_pci: fix use after free on release 2016-03-03 15:07:18 -08:00
vlynq
vme
w1
watchdog watchdog: rc32434_wdt: fix ioctl error handling 2016-04-12 09:08:54 -07:00
xen xen/pciback: Save the number of MSI-X entries to be copied later. 2016-03-03 15:07:30 -08:00
zorro
Kconfig
Makefile