| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <cover.1512672005.git.shuahkh@osg.samsung.com>
Date: Thu, 7 Dec 2017 14:16:46 -0700
From: Shuah Khan <shuahkh@....samsung.com>
To: shuah@...nel.org, valentina.manea.m@...il.com,
gregkh@...uxfoundation.org
Cc: Shuah Khan <shuahkh@....samsung.com>, linux-usb@...r.kernel.org,
linux-kernel@...r.kernel.org, vuln@...unia.com
Subject: [PATCH 0/4] USB over IP Secuurity fixes
Jakub Jirasek from Secunia Research at Flexera reported security
vulnerabilities in the USB over IP driver. This patch series all
the 4 reported problems.
Jakub, could you please suggest an email address I can use for the
Reported-by tag?
Shuah Khan (4):
usbip: fix stub_rx: get_pipe() to validate endpoint number
usbip: fix stub_rx: harden CMD_SUBMIT path to handle malicious input
usbip: prevent vhci_hcd driver from leaking a socket pointer address
usbip: fix stub_send_ret_submit() vulnerability to null
transfer_buffer
drivers/usb/usbip/stub_rx.c | 51 +++++++++++++++++++++++++++++-------
drivers/usb/usbip/stub_tx.c | 7 +++++
drivers/usb/usbip/usbip_common.h | 1 +
drivers/usb/usbip/vhci_sysfs.c | 25 +++++++++++-------
tools/usb/usbip/libsrc/vhci_driver.c | 8 +++---
5 files changed, 69 insertions(+), 23 deletions(-)
--
2.14.1
Powered by blists - more mailing lists