ALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface()
stable inclusion from stable-v4.19.258 commit 2a308e415d247a23d4d64c964c02e782eede2936 category: bugfix bugzilla: https://gitee.com/src-openeuler/kernel/issues/I9LKC3 CVE: CVE-2022-48701 Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=2a308e415d247a23d4d64c964c02e782eede2936 -------------------------------- commit e53f47f6 upstream. There may be a bad USB audio device with a USB ID of (0x04fa, 0x4201) and the number of it's interfaces less than 4, an out-of-bounds read bug occurs when parsing the interface descriptor for this device. Fix this by checking the number of interfaces. Signed-off-by:Dongxiang Ke <kdx.glider@gmail.com> Link: https://lore.kernel.org/r/20220906024928.10951-1-kdx.glider@gmail.com Signed-off-by:
Loading
Please sign in to comment