| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1690432469-14803-1-git-send-email-quic_vgarodia@quicinc.com>
Date: Thu, 27 Jul 2023 10:04:25 +0530
From: Vikash Garodia <quic_vgarodia@...cinc.com>
To: <stanimir.k.varbanov@...il.com>, <bryan.odonoghue@...aro.org>,
<agross@...nel.org>, <andersson@...nel.org>,
<konrad.dybcio@...aro.org>, <mchehab@...nel.org>,
<hans.verkuil@...co.com>, <tfiga@...omium.org>
CC: <linux-media@...r.kernel.org>, <linux-arm-msm@...r.kernel.org>,
<linux-kernel@...r.kernel.org>, <stable@...r.kernel.org>,
Vikash Garodia <quic_vgarodia@...cinc.com>
Subject: [PATCH 0/4] Venus driver fixes to avoid possible OOB accesses
This series primarily adds check at relevant places in venus driver where there
are possible OOB accesses due to unexpected payload from venus firmware. The
patches describes the specific OOB possibility.
Please review and share your feedback.
Vikash Garodia (4):
venus: hfi: add checks to perform sanity on queue pointers
venus: hfi: fix the check to handle session buffer requirement
venus: hfi: add checks to handle capabilities from firmware
venus: hfi_parser: Add check to keep the number of codecs within range
drivers/media/platform/qcom/venus/hfi_msgs.c | 2 +-
drivers/media/platform/qcom/venus/hfi_parser.c | 27 ++++++++++++++++++++++++++
drivers/media/platform/qcom/venus/hfi_venus.c | 8 ++++++++
3 files changed, 36 insertions(+), 1 deletion(-)
--
The Qualcomm Innovation Center, Inc. is a member of the Code Aurora Forum,
a Linux Foundation Collaborative Project
Powered by blists - more mailing lists