Permalink
Browse files

USB: cdc-acm: more sanity checking

An attack has become available which pretends to be a quirky
device circumventing normal sanity checks and crashes the kernel
by an insufficient number of interfaces. This patch adds a check
to the code path for quirky devices.

Change-Id: Ie96a95d833e4ca9c3c3c3557679115ffb7069b5b
Signed-off-by: Oliver Neukum <ONeukum@suse.com>
CC: stable@vger.kernel.org
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
  • Loading branch information...
oneukum authored and andi34 committed Mar 15, 2016
1 parent 32602f8 commit d01bdd12c19cea3a0d193fff93469a929e630375
Showing with 3 additions and 0 deletions.
  1. +3 −0 drivers/usb/class/cdc-acm.c
@@ -895,6 +895,9 @@ static int acm_probe(struct usb_interface *intf,
if (quirks == NO_UNION_NORMAL) {
data_interface = usb_ifnum_to_if(usb_dev, 1);
control_interface = usb_ifnum_to_if(usb_dev, 0);
/* we would crash */
if (!data_interface || !control_interface)
return -ENODEV;
goto skip_normal_probe;
}

0 comments on commit d01bdd1

Please sign in to comment.