On Thu, 23 Jun 2016, Scott Bauer wrote: > This patch validates the num_values parameter from userland during > the HIDIOCGUSAGES and HIDIOCSUSAGES commands. Previously, if the > report id was set to HID_REPORT_ID_UNKNOWN, we would fail to > validate the num_values parameter leading to a heap overflow.
Thanks for the fix. I've added Cc: stable, applied it to for-4.7/upstream-fixes branch, and will be including it in a pull request to Linus shortly. -- Jiri Kosina SUSE Labs
