Darkangeel_hd
/
lineage_android_kernel_samsung_jf
mirror of https://github.com/Darkangeel-hd/lineage_android_kernel_samsung_jf.git
1
0
Fork 0
Code Issues Releases Wiki Activity
lineage_android_kernel_sams.../drivers
History
Kees Cook f09344e336 HID: pantherlord: validate output report details 
commit 412f30105ec6735224535791eed5cdc02888ecb4 upstream.

A HID device could send a malicious output report that would cause the
pantherlord HID driver to write beyond the output report allocation
during initialization, causing a heap overflow:

[  310.939483] usb 1-1: New USB device found, idVendor=0e8f, idProduct=0003
...
[  315.980774] BUG kmalloc-192 (Tainted: G        W   ): Redzone overwritten

CVE-2013-2892

Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 		2013-09-26 17:15:34 -07:00
..
accessibility
acpi ACPI / EC: Add ASUSTEK L4R to quirk list in order to validate ECDT 2013-09-07 21:58:15 -07:00
amba
ata libata: apply behavioral quirks to sil3826 PMP 2013-08-29 09:50:13 -07:00
atm atm/iphase: rename fregt_t -> ffreg_t 2013-02-14 10:49:05 -08:00
auxdisplay
base drivers/base/memory.c: fix show_mem_removable() to handle missing sections 2013-09-07 21:58:14 -07:00
bcma bcma: mips: fix clearing device IRQ 2013-01-17 08:50:41 -08:00
block xen/blkback: Check device permissions before allowing OP_DISCARD 2013-08-04 16:25:54 +08:00
bluetooth Bluetooth: Add support for Dell[QCA 0cf3:817a] 2013-04-05 10:04:15 -07:00
cdrom drivers/cdrom/cdrom.c: use kzalloc() for failing hardware 2013-07-13 11:03:40 -07:00
char virtio: console: return -ENODEV on all read operations after unplug 2013-08-14 22:57:07 -07:00
clk clk: remove notifier from list before freeing it 2013-06-27 11:27:30 -07:00
clocksource
connector
cpufreq cpufreq / Longhaul: Disable driver by default 2013-05-11 13:48:10 -07:00
cpuidle
crypto
dca dca: check against empty dca_domains list before unregister provider 2013-02-28 06:59:06 -08:00
devfreq
dio
dma drivers/dma/pl330.c: fix locking in pl330_free_chan_resources() 2013-07-21 18:19:02 -07:00
edac EDAC: Test correct variable in ->store function 2013-02-03 18:24:41 -06:00
eisa EISA/PCI: Fix bus res reference 2013-04-12 09:38:44 -07:00
firewire firewire: fix libdc1394/FlyCap2 iso event regression 2013-08-04 16:26:02 +08:00
firmware efivars: Handle duplicate names from get_next_variable() 2013-04-05 10:04:36 -07:00
gpio
gpu drm/i915: ivb: fix edp voltage swing reg val 2013-09-07 21:58:15 -07:00
hid HID: pantherlord: validate output report details 2013-09-26 17:15:34 -07:00
hsi
hv
hwmon hwmon: (adt7470) Fix incorrect return code check 2013-08-14 22:57:06 -07:00
hwspinlock hwspinlock: fix __hwspin_lock_request error path 2013-04-12 09:38:46 -07:00
i2c i2c: designware: always clear interrupts before enabling them 2013-05-24 11:14:22 -07:00
ide
idle
ieee802154
infiniband IPoIB: Fix send lockup due to missed TX completion 2013-03-28 12:12:25 -07:00
input Input: cyttsp - fix memcpy size param 2013-06-27 11:27:33 -07:00
iommu iommu/amd: Only unmap large pages from the first pte 2013-07-28 16:25:47 -07:00
isdn isdn/gigaset: fix zero size border case in debug dump 2013-02-14 10:49:04 -08:00
leds drivers/leds/leds-ot200.c: fix error caused by shifted mask 2013-06-07 12:49:13 -07:00
lguest
macintosh
mca
md md/raid1,raid10: use freeze_array in place of raise_barrier in various places. 2013-08-20 08:26:28 -07:00
media media: mantis: fix silly crash case 2013-05-24 11:14:23 -07:00
memstick
message
mfd mfd: adp5520: Restore mode bits on resume 2013-05-07 19:51:57 -07:00
misc SGI-XP: handle non-fatal traps 2013-01-11 09:06:29 -08:00
mmc mmc: atmel-mci: pio hang on block errors 2013-05-07 19:51:57 -07:00
mtd vm: convert mtdchar mmap to vm_iomap_memory() helper 2013-04-25 21:19:56 -07:00
net ath9k: avoid accessing MRC registers on single-chain devices 2013-09-26 17:15:33 -07:00
nfc NFC: pn533: Fix mem leak in pn533_in_dep_link_up 2012-12-03 11:47:12 -08:00
nubus
of of: fdt: fix memory initialization for expanded DT 2013-08-29 09:50:12 -07:00
oprofile
parisc
parport
pci ahci: Add AMD CZ SATA device ID 2013-07-21 18:19:01 -07:00
pcmcia pcmcia: at91_cf: fix gpio_get_value in at91_cf_get_status 2013-07-21 18:19:01 -07:00
pinctrl
platform thinkpad-acpi: recognize latest V-Series using DMI_BIOS_VENDOR 2013-06-07 12:49:49 -07:00
pnp pnpacpi: fix incorrect TEST_ALPHA() test 2013-01-11 09:06:29 -08:00
power charger-manager: Ensure event is not used as format string 2013-07-13 11:03:40 -07:00
pps
ps3
ptp
rapidio
regulator regulator: wm831x: Set the new rather than old value for DVS VSEL 2013-01-17 08:50:41 -08:00
remoteproc
rpmsg
rtc drivers/rtc/rtc-rv3029c2.c: fix disabling AIE irq 2013-07-21 18:19:01 -07:00
s390 SCSI: zfcp: fix schedule-inside-lock in scsi_device list loops 2013-08-29 09:50:13 -07:00
sbus
scsi SCSI: sd: Fix potential out-of-bounds access 2013-09-26 17:15:29 -07:00
sfi
sh
sn
spi spi/mpc512x-psc: optionally keep PSC SS asserted across xfer segmensts 2013-04-12 09:38:43 -07:00
ssb ssb: implement spurious tone avoidance 2013-04-25 21:19:55 -07:00
staging staging: comedi: dt282x: dt282x_ai_insn_read() always fails 2013-09-26 17:15:31 -07:00
target target: Fix trailing ASCII space usage in INQUIRY vendor+model 2013-09-07 21:58:16 -07:00
tc
thermal thermal: return an error on failure to register thermal class 2013-04-12 09:38:47 -07:00
tty powerpc/hvsi: Increase handshake timeout from 200ms to 400ms. 2013-09-07 21:58:14 -07:00
uio
usb usb: config->desc.bLength may not exceed amount of data returned by the device 2013-09-26 17:15:32 -07:00
uwb
vhost vhost: zerocopy: poll vq in zerocopy callback 2013-09-14 06:02:10 -07:00
video fbcon: when font is freed, clear also vc_font.data 2013-05-07 19:51:53 -07:00
virt
virtio virtio: support unlocked queue poll 2013-08-04 16:26:03 +08:00
vlynq
w1 w1: fix oops when w1_search is called from netlink connector 2013-03-20 13:04:59 -07:00
watchdog
xen xen-gnt: prevent adding duplicate gnt callbacks 2013-09-26 17:15:30 -07:00
zorro
Kconfig
Makefile