usbip: fix stub_rx: harden CMD_SUBMIT path to handle malicious input (eebf3152) · Commits · Android-smartphones / samsung / s7 / ressurect remix / kernel_samsung_universal8890

Commit eebf3152 authored Dec 07, 2017 by Shuah Khan Committed by Greg Kroah-Hartman Feb 16, 2018

usbip: fix stub_rx: harden CMD_SUBMIT path to handle malicious input



commit c6688ef9f29762e65bce325ef4acd6c675806366 upstream.

Harden CMD_SUBMIT path to handle malicious input that could trigger
large memory allocations. Add checks to validate transfer_buffer_length
and number_of_packets to protect against bad input requesting for
unbounded memory allocations. Validate early in get_pipe() and return
failure.

Reported-by: Secunia Research <vuln@secunia.com>
Signed-off-by: Shuah Khan <shuahkh@osg.samsung.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

parent 385e124b

Hide whitespace changes

Inline Side-by-side

Please register or to comment