oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

CVE Request: Linux kernel: ttusb-dec: overflow by descriptor

From: Marcus Meissner <meissner () suse de>
Date: Fri, 14 Nov 2014 13:37:45 +0100
Hi,

Overflow in a DVB-T usb driver, it overflows into a small size stack array.

Ciao, Marcus

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=f2e323ec96077642d397bb1c355def536d489d16

commit f2e323ec96077642d397bb1c355def536d489d16
Author: Dan Carpenter <dan.carpenter () oracle com>
Date:   Fri Sep 5 09:09:28 2014 -0300

    [media] ttusb-dec: buffer overflow in ioctl
        
    We need to add a limit check here so we don't overflow the buffer.
Previous By Date Next
Previous By Thread Next

Current thread: