projects / GitHub / LineageOS / android_kernel_motorola_exynos9610.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: e56d7cd) | patch
usbip: vudc_tx: fix v_send_ret_submit() vulnerability to null xfer buffer
authorShuah Khan <shuahkh@osg.samsung.com>
Sat, 23 Dec 2017 02:23:47 +0000 (19:23 -0700)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Wed, 17 Jan 2018 08:45:26 +0000 (09:45 +0100)
commit0382becc1d24e1cd00dc44e1fa5f7655441c258c
tree6910903304e0b0565381b0d5a3d20a689a90e364tree | snapshot (tar.gz zip)
parente56d7cd5f31ef90b1c4ecb9a0f771bad46938a01commit | diff
usbip: vudc_tx: fix v_send_ret_submit() vulnerability to null xfer buffer

commit 5fd77a3a0e408c23ab4002a57db980e46bc16e72 upstream.

v_send_ret_submit() handles urb with a null transfer_buffer, when it
replays a packet with potential malicious data that could contain a
null buffer.

Add a check for the condition when actual_length > 0 and transfer_buffer
is null.

Signed-off-by: Shuah Khan <shuahkh@osg.samsung.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
drivers/usb/usbip/vudc_tx.c diff | blob | blame | history