mirror of https://gitee.com/openkylin/linux.git
7992c18810
CVE-2018-9363
The buffer length is unsigned at all layers, but gets cast to int and
checked in hidp_process_report and can lead to a buffer overflow.
Switch len parameter to unsigned int to resolve issue.
This affects 3.18 and newer kernels.
Signed-off-by: Mark Salyzyn <salyzyn@android.com>
Fixes:
|
||
---|---|---|
.. | ||
Kconfig | ||
Makefile | ||
core.c | ||
hidp.h | ||
sock.c |