Skip to content
Snippets Groups Projects
Commit 13b250b1 authored by Gerd Hoffmann's avatar Gerd Hoffmann
Browse files

uas: add stream number sanity checks. 


The device uses the guest-supplied stream number unchecked, which can
lead to guest-triggered out-of-band access to the UASDevice->data3 and
UASDevice->status3 fields.  Add the missing checks.

Fixes: CVE-2021-3713
Signed-off-by: default avatarGerd Hoffmann <kraxel@redhat.com>
Reported-by: default avatarChen Zhe <chenzhe@huawei.com>
Reported-by: default avatarTan Jingguo <tanjingguo@huawei.com>
Reviewed-by: default avatarPhilippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20210818120505.1258262-2-kraxel@redhat.com>
parent ad22d058
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 11 additions and 0 deletions
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment