| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 26 Sep 2022 22:22:35 +0200
From: Enrik Berkhan <Enrik.Berkhan@...a.de>
To: linux-input@...r.kernel.org
Cc: linux-i2c@...r.kernel.org, linux-kernel@...r.kernel.org,
Rishi Gupta <gupt21@...il.com>,
Enrik Berkhan <Enrik.Berkhan@...a.de>
Subject: [RESEND PATCH v1 0/4] Fixes for the mcp2221 HID-to-I2C-bridge driver
In this patch series are fixes for issues I found during recent tests of
an MCP2221 board.
- you can confuse the kernel driver when using the chip from user mode
via /dev/hidrawX, typically leading to a NULL pointer dereference in
the driver's HID raw event handler
- the driver needs > 15s to initialize because the HID raw handling is
not enabled during initialization of the GPIO part
- data shared with the bottom half code is not protected from concurrent
access
- the rxbuf pointer can become invalid or even stale if the device would
send unsolicited reports
Enrik Berkhan (4):
HID: mcp2221: don't connect hidraw
HID: mcp2221: enable HID I/O during GPIO probe
HID: mcp2221: protect shared data with spin lock
HID: mcp2221: avoid stale rxbuf pointer
drivers/hid/hid-mcp2221.c | 114 ++++++++++++++++++++++++++++++++------
1 file changed, 97 insertions(+), 17 deletions(-)
---
Resend because I had a typo in the linux-input mailing list address.
Also adding linux-kernel to increase visibility.
--
2.34.1
Powered by blists - more mailing lists