proxmox-mirrors/grub2
1
0
Fork 0
mirror of https://git.proxmox.com/git/grub2 synced 2025-07-22 16:12:37 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
0a05f88e2b
grub2/grub-core/bus/usb
History
Javier Martinez Canillas 128c16a682 usb: Avoid possible out-of-bound accesses caused by malicious devices 
The maximum number of configurations and interfaces are fixed but there is
no out-of-bound checking to prevent a malicious USB device to report large
values for these and cause accesses outside the arrays' memory.

Fixes: CVE-2020-25647

Reported-by: Joseph Tartaro <joseph.tartaro@ioactive.com>
Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2021-03-02 15:54:15 +01:00
..
serial Add gcc_struct to all packed structures when compiling with mingw. 2013-12-15 14:14:30 +01:00
ehci-fdt.c arm_coreboot: Support EHCI. 2017-05-08 22:15:05 +02:00
ehci-pci.c ehci: Split core code from PCI part. 2017-05-08 22:10:26 +02:00
ehci.c ehci: Fix compilation on i386 2017-07-09 21:31:19 +02:00
ohci.c ohci: fix memory leak 2015-06-20 23:38:19 +03:00
uhci.c uhci: Fix null pointer dereference. 2015-01-24 20:38:12 +01:00
usb.c usb: Avoid possible out-of-bound accesses caused by malicious devices 2021-03-02 15:54:15 +01:00
usbhub.c calloc: Use calloc() at most places 2020-07-29 16:55:47 +02:00
usbtrans.c arm_coreboot: Support EHCI. 2017-05-08 22:15:05 +02:00