On Wed, Sep 20, 2017 at 04:45:08PM +0200, Andrey Konovalov wrote: > Hi! > > I've got the following crash while fuzzing the kernel with syzkaller. > > On commit ebb2c2437d8008d46796902ff390653822af6cc4 (Sep 18). > > It looks like cdc_parse_cdc_header() doesn't validate buflen before > accessing buffer[1], buffer[2] and so on. The only check present is > while (buflen > 0).
Ugh, you are right, let me go work on a patch, thanks for the report...
