Re: [PATCH v3] HID: betop: fix slab-out-of-bounds Write in betop_probe

From: Jiri Kosina
Date: Wed Sep 15 2021 - 10:31:55 EST

Next message: Christophe Leroy: "[PATCH] powerpc: warn on emulation of dcbz instruction"
Previous message: Jisheng Zhang: "Re: [RFC PATCH v8 21/21] riscv: Turn has_vector into a static key if VECTOR=y"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 24 Aug 2021, F.A.Sulaiman wrote:

> Syzbot reported slab-out-of-bounds Write bug in hid-betopff driver.
> The problem is the driver assumes the device must have an input report but
> some malicious devices violate this assumption.
>
> So this patch checks hid_device's input is non empty before it's been used.
>
> Reported-by: syzbot+07efed3bc5a1407bd742@xxxxxxxxxxxxxxxxxxxxxxxxx
> Signed-off-by: F.A. SULAIMAN <asha.16@xxxxxxxxxxxxxxx>

Applied, thanks.

--
Jiri Kosina
SUSE Labs

Next message: Christophe Leroy: "[PATCH] powerpc: warn on emulation of dcbz instruction"
Previous message: Jisheng Zhang: "Re: [RFC PATCH v8 21/21] riscv: Turn has_vector into a static key if VECTOR=y"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]