USB: gadget: validate interface OS descriptor requests
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit?id=
22ec1004728548598f4f5b4a079a7873409eacfd
Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2022-25258
commit
75e5b4849b81e19e9efe1654b30d7f3151c33c2c upstream.
Stall the control endpoint in case provided index exceeds array size of
MAX_CONFIG_INTERFACES or when the retrieved function pointer is null.
Signed-off-by: Szymon Heidrich <szymon.heidrich@gmail.com>
Cc: stable@kernel.org
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Gbp-Pq: Topic bugfix/all
Gbp-Pq: Name USB-gadget-validate-interface-OS-descriptor-requests.patch
projects / linux.git / commit