[Midnightbsd-cvs] [MidnightBSD/src] fafe78: A missing length validation code common to these ...
Lucas Holt
noreply at github.com
Fri Aug 7 17:23:24 EDT 2020
Branch: refs/heads/stable/1.2
Home: https://github.com/MidnightBSD/src
Commit: fafe788556e132da149bb78af3e9368b3bb0207f
https://github.com/MidnightBSD/src/commit/fafe788556e132da149bb78af3e9368b3bb0207f
Author: Lucas Holt <luke at foolishgames.com>
Date: 2020-08-07 (Fri, 07 Aug 2020)
Changed paths:
M UPDATING
M sys/dev/usb/net/if_smsc.c
Log Message:
-----------
A missing length validation code common to these three drivers means that a
malicious USB device could write beyond the end of an allocated network
packet buffer.
- smsc(4), supporting SMSC (now Microchip) devices
- muge(4), supporting Microchip devices
- cdceem(4), supporting USB Communication Device Class compatible devices
More information about the Midnightbsd-cvs
mailing list