WSL2-Linux-Kernel/drivers/usb/usbip
Shuah Khan 5fd77a3a0e usbip: vudc_tx: fix v_send_ret_submit() vulnerability to null xfer buffer
v_send_ret_submit() handles urb with a null transfer_buffer, when it
replays a packet with potential malicious data that could contain a
null buffer.

Add a check for the condition when actual_length > 0 and transfer_buffer
is null.

Signed-off-by: Shuah Khan <shuahkh@osg.samsung.com>
Cc: stable <stable@vger.kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2018-01-04 17:07:27 +01:00
..
Kconfig usb: Kconfig: using select for USB_COMMON dependency 2016-09-27 12:20:17 +02:00
Makefile License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
README usbip: move usbip kernel code out of staging 2014-08-25 10:40:06 -07:00
stub.h USB: usbip: Remove redundant license text 2017-11-07 15:45:01 +01:00
stub_dev.c usbip: prevent leaking socket pointer address in messages 2017-12-19 11:40:54 +01:00
stub_main.c usbip: stub: stop printing kernel pointer addresses in messages 2017-12-19 11:40:54 +01:00
stub_rx.c usbip: stub_rx: fix static checker warning on unnecessary checks 2017-12-19 11:40:55 +01:00
stub_tx.c usbip: stub: stop printing kernel pointer addresses in messages 2017-12-19 11:40:54 +01:00
usbip_common.c usbip: remove kernel addresses from usb device and urb debug msgs 2018-01-04 17:07:26 +01:00
usbip_common.h usbip: prevent vhci_hcd driver from leaking a socket pointer address 2017-12-08 17:32:23 +01:00
usbip_event.c USB: usbip: Remove redundant license text 2017-11-07 15:45:01 +01:00
vhci.h USB: usbip: Remove redundant license text 2017-11-07 15:45:01 +01:00
vhci_hcd.c usbip: prevent leaking socket pointer address in messages 2017-12-19 11:40:54 +01:00
vhci_rx.c usbip: vhci: stop printing kernel pointer addresses in messages 2017-12-19 11:40:54 +01:00
vhci_sysfs.c usbip: prevent vhci_hcd driver from leaking a socket pointer address 2017-12-08 17:32:23 +01:00
vhci_tx.c usbip: vhci: stop printing kernel pointer addresses in messages 2017-12-19 11:40:54 +01:00
vudc.h USB: usbip: Remove redundant license text 2017-11-07 15:45:01 +01:00
vudc_dev.c USB: usbip: Remove redundant license text 2017-11-07 15:45:01 +01:00
vudc_main.c USB: usbip: Remove redundant license text 2017-11-07 15:45:01 +01:00
vudc_rx.c usbip: fix vudc_rx: harden CMD_SUBMIT path to handle malicious input 2018-01-04 17:07:26 +01:00
vudc_sysfs.c USB: usbip: Remove redundant license text 2017-11-07 15:45:01 +01:00
vudc_transfer.c USB: usbip: Remove redundant license text 2017-11-07 15:45:01 +01:00
vudc_tx.c usbip: vudc_tx: fix v_send_ret_submit() vulnerability to null xfer buffer 2018-01-04 17:07:27 +01:00

README

TODO:
	- more discussion about the protocol
	- testing
	- review of the userspace interface
	- document the protocol

Please send patches for this code to Greg Kroah-Hartman <greg@kroah.com>