Re: [PATCH 2/4] cdc-acm: fix possible invalid access when processing notification

Am Dienstag, den 14.03.2017, 21:14 +0100 schrieb Tobias Herzog: > Notifications may only be 8 bytes so long. Accessing the 9th and > 10th byte of unimplemented/unknown notifications may be insecure. > Also check the length of known notifications before accessing anything > behind the 8th byte. > >

[PATCH 2/4] cdc-acm: fix possible invalid access when processing notification

Notifications may only be 8 bytes so long. Accessing the 9th and 10th byte of unimplemented/unknown notifications may be insecure. Also check the length of known notifications before accessing anything behind the 8th byte. Signed-off-by: Tobias Herzog --- drivers/usb/class/cdc-acm.c | 11 +++