Re: [PATCH] HID: hiddev: fix potential Spectre v1
From: Jiri Kosina
Date: Mon Jul 09 2018 - 08:31:48 EST
On Fri, 29 Jun 2018, Gustavo A. R. Silva wrote:
> uref->field_index, uref->usage_index, finfo.field_index and
> cinfo.index can be indirectly controlled by user-space, hence
> leading to a potential exploitation of the Spectre variant 1
> vulnerability.
>
> This issue was detected with the help of Smatch:
Applied, thanks Gustavo.
--
Jiri Kosina
SUSE Labs