mbox series

[net,0/3] net: lan78xx: fix NULL deref and memory leak

Message ID 20200728121031.12323-1-johan@kernel.org
Headers show
Series net: lan78xx: fix NULL deref and memory leak | expand

Message

Johan Hovold July 28, 2020, 12:10 p.m. UTC 
The first two patches fix a NULL-pointer dereference at probe that can
be triggered by a malicious device and a small transfer-buffer memory
leak, respectively.

For another subsystem I would have marked them:

	Cc: stable@vger.kernel.org	# 4.3

The third one replaces the driver's current broken endpoint lookup
helper, which could end up accepting incomplete interfaces and whose
results weren't even useeren
Johan


Johan Hovold (3):
  net: lan78xx: add missing endpoint sanity check
  net: lan78xx: fix transfer-buffer memory leak
  net: lan78xx: replace bogus endpoint lookup

 drivers/net/usb/lan78xx.c | 113 +++++++++++---------------------------
 1 file changed, 31 insertions(+), 82 deletions(-)

Comments

David Miller July 28, 2020, 8:36 p.m. UTC | #1 
From: Johan Hovold <johan@kernel.org>
Date: Tue, 28 Jul 2020 14:10:28 +0200

> The first two patches fix a NULL-pointer dereference at probe that can
> be triggered by a malicious device and a small transfer-buffer memory
> leak, respectively.
> 
> For another subsystem I would have marked them:
> 
> 	Cc: stable@vger.kernel.org	# 4.3
> 
> The third one replaces the driver's current broken endpoint lookup
> helper, which could end up accepting incomplete interfaces and whose
> results weren't even useeren

Series applied and queued up for -stable.