proxmox-mirrors/mirror_ubuntu-kernels
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_ubuntu-kernels.git synced 2026-01-26 06:16:25 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
2f2d0088eb
mirror_ubuntu-kernels/drivers/usb/usbip
History
Shuah Khan 2f2d0088eb usbip: prevent vhci_hcd driver from leaking a socket pointer address 
When a client has a USB device attached over IP, the vhci_hcd driver is
locally leaking a socket pointer address via the

/sys/devices/platform/vhci_hcd/status file (world-readable) and in debug
output when "usbip --debug port" is run.

Fix it to not leak. The socket pointer address is not used at the moment
and it was made visible as a convenient way to find IP address from socket
pointer address by looking up /proc/net/{tcp,tcp6}.

As this opens a security hole, the fix replaces socket pointer address with
sockfd.

Reported-by: Secunia Research <vuln@secunia.com>
Cc: stable <stable@vger.kernel.org>
Signed-off-by: Shuah Khan <shuahkh@osg.samsung.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2017-12-08 17:32:23 +01:00
..
Kconfig usb: Kconfig: using select for USB_COMMON dependency 2016-09-27 12:20:17 +02:00
Makefile License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
README
stub_dev.c USB: usbip: Remove redundant license text 2017-11-07 15:45:01 +01:00
stub_main.c USB: usbip: Remove redundant license text 2017-11-07 15:45:01 +01:00
stub_rx.c usbip: fix stub_rx: harden CMD_SUBMIT path to handle malicious input 2017-12-08 17:32:23 +01:00
stub_tx.c USB: usbip: Remove redundant license text 2017-11-07 15:45:01 +01:00
stub.h USB: usbip: Remove redundant license text 2017-11-07 15:45:01 +01:00
usbip_common.c USB: usbip: Remove redundant license text 2017-11-07 15:45:01 +01:00
usbip_common.h usbip: prevent vhci_hcd driver from leaking a socket pointer address 2017-12-08 17:32:23 +01:00
usbip_event.c USB: usbip: Remove redundant license text 2017-11-07 15:45:01 +01:00
vhci_hcd.c usbip: Fix USB device hang due to wrong enabling of scatter-gather 2017-11-30 16:40:01 +00:00
vhci_rx.c USB: usbip: Remove redundant license text 2017-11-07 15:45:01 +01:00
vhci_sysfs.c usbip: prevent vhci_hcd driver from leaking a socket pointer address 2017-12-08 17:32:23 +01:00
vhci_tx.c USB: usbip: Remove redundant license text 2017-11-07 15:45:01 +01:00
vhci.h USB: usbip: Remove redundant license text 2017-11-07 15:45:01 +01:00
vudc_dev.c USB: usbip: Remove redundant license text 2017-11-07 15:45:01 +01:00
vudc_main.c USB: usbip: Remove redundant license text 2017-11-07 15:45:01 +01:00
vudc_rx.c USB: usbip: Remove redundant license text 2017-11-07 15:45:01 +01:00
vudc_sysfs.c USB: usbip: Remove redundant license text 2017-11-07 15:45:01 +01:00
vudc_transfer.c USB: usbip: Remove redundant license text 2017-11-07 15:45:01 +01:00
vudc_tx.c USB: usbip: Remove redundant license text 2017-11-07 15:45:01 +01:00
vudc.h USB: usbip: Remove redundant license text 2017-11-07 15:45:01 +01:00

README 

TODO:
	- more discussion about the protocol
	- testing
	- review of the userspace interface
	- document the protocol

Please send patches for this code to Greg Kroah-Hartman <greg@kroah.com>