| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025122448-snowbound-married-f070@gregkh>
Date: Wed, 24 Dec 2025 10:45:13 +0100
From: Greg KH <gregkh@...uxfoundation.org>
To: Haoxiang Li <lihaoxiang@...c.iscas.ac.cn>
Cc: pawell@...ence.com, linux-usb@...r.kernel.org,
linux-kernel@...r.kernel.org, stable@...r.kernel.org
Subject: Re: [PATCH] usb: cdns2: fix a null pointer dereference in
cdns2_gadget_ep_queue()
On Wed, Dec 24, 2025 at 05:38:45PM +0800, Haoxiang Li wrote:
> If cdns2_gadget_ep_alloc_request() fails, a null pointer dereference
> occurs. Add a check to prevent it.
>
> Fixes: 3eb1f1efe204 ("usb: cdns2: Add main part of Cadence USBHS driver")
> Cc: stable@...r.kernel.org
> Signed-off-by: Haoxiang Li <lihaoxiang@...c.iscas.ac.cn>
> ---
> drivers/usb/gadget/udc/cdns2/cdns2-gadget.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/drivers/usb/gadget/udc/cdns2/cdns2-gadget.c b/drivers/usb/gadget/udc/cdns2/cdns2-gadget.c
> index 9b53daf76583..c5b9dae743d8 100644
> --- a/drivers/usb/gadget/udc/cdns2/cdns2-gadget.c
> +++ b/drivers/usb/gadget/udc/cdns2/cdns2-gadget.c
> @@ -1725,6 +1725,8 @@ static int cdns2_gadget_ep_queue(struct usb_ep *ep, struct usb_request *request,
> struct cdns2_request *preq;
>
> zlp_request = cdns2_gadget_ep_alloc_request(ep, GFP_ATOMIC);
> + if (!zlp_request)
> + return -ENOMEM;
As stated before, you need to document the tool that you use to find
these types of things.
And how was this tested?
thanks,
greg k-h
Powered by blists - more mailing lists