| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <nycvar.YFH.7.76.2002051053060.26888@cbobk.fhfr.pm>
Date: Wed, 5 Feb 2020 10:54:44 +0100 (CET)
From: Jiri Kosina <jikos@...nel.org>
To: "Enderborg, Peter" <Peter.Enderborg@...y.com>
cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
Alan Stern <stern@...land.harvard.edu>,
"stable@...r.kernel.org" <stable@...r.kernel.org>,
"syzbot+09ef48aa58261464b621@...kaller.appspotmail.com"
<syzbot+09ef48aa58261464b621@...kaller.appspotmail.com>
Subject: Re: [PATCH 5.4 17/78] HID: Fix slab-out-of-bounds read in
hid_field_extract (Broken!)
On Wed, 5 Feb 2020, Enderborg, Peter wrote:
> >> This patch breaks Elgato StreamDeck.
>
> > Does that mean the device is broken with a too-large of a report?
>
> Yes.
In which way does the breakage pop up? Are you getting "report too long"
errors in dmesg, or the device just doesn't enumerate at all?
Could you please post /sys/kernel/debug/hid/<device>/rdesc contents, and
if the device is at least semi-alive, also contents of
/sys/kernel/debug/hid/<device>/events from the time it misbehaves?
> > Is it broken in Linus's tree? If so, can you work with the HID
> > developers to fix it there so we can backport the fix to all stable
> > trees?
>
> I cant see that there are any other fixes upon this so I dont think so.
> I can try.
>
>
> Jiri is in the loop. I guess he is the "HID developers" ?
Thanks,
--
Jiri Kosina
SUSE Labs
Powered by blists - more mailing lists