Commit c7a60df0 authored by Oliver Neukum's avatar Oliver Neukum Committed by Zheng Zengkai
Browse files

sr9700: sanity check for packet length 

mainline inclusion
from mainline-v5.17-rc4
commit e9da0b56
category: bugfix
bugzilla: 186472, https://gitee.com/src-openeuler/kernel/issues/I4ZQIZ


CVE: CVE-2022-26966

--------------------------------

A malicious device can leak heap data to user space
providing bogus frame lengths. Introduce a sanity check.

Signed-off-by: default avatarOliver Neukum <oneukum@suse.com>
Reviewed-by: default avatarGrant Grundler <grundler@chromium.org>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
Signed-off-by: default avatarZheng Zengkai <zhengzengkai@huawei.com>
Reviewed-by: default avatarYue Haibing <yuehaibing@huawei.com>
Reviewed-by: default avatarWeilong Chen <chenweilong@huawei.com>
parent 0c83bb30
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment