proxmox-mirrors/grub2
1
0
Fork 0
mirror of https://git.proxmox.com/git/grub2 synced 2025-11-04 02:06:28 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
3d157bbd06
grub2/grub-core/bus
History
Javier Martinez Canillas 128c16a682 usb: Avoid possible out-of-bound accesses caused by malicious devices 
The maximum number of configurations and interfaces are fixed but there is
no out-of-bound checking to prevent a malicious USB device to report large
values for these and cause accesses outside the arrays' memory.

Fixes: CVE-2020-25647

Reported-by: Joseph Tartaro <joseph.tartaro@ioactive.com>
Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2021-03-02 15:54:15 +01:00
..
emu remove extra newlines in grub_util_* strings 2015-05-13 09:47:17 +03:00
i386/ieee1275 On i386-ieee1275 we run in paged mode. So we need to explicitly map 2013-11-18 04:32:33 +01:00
spi rk3288_spi: Add SPI driver 2017-05-09 08:44:23 +02:00
usb usb: Avoid possible out-of-bound accesses caused by malicious devices 2021-03-02 15:54:15 +01:00
bonito.c Add bonito 3A support. 2013-12-17 22:49:27 +01:00
cs5536.c Remove nested functions from PCI iterators. 2013-01-13 01:10:41 +00:00
fdt.c fdtbus: Add ability to send/receive messages on parent busses. 2017-05-09 08:43:20 +02:00
pci.c Remove nested functions from PCI iterators. 2013-01-13 01:10:41 +00:00