linux/drivers at a1fabce3d03a20953d6c4fd61b72f6355818d925 - linux - sys114

shinys000114/linux

mirror of https://github.com/hardkernel/linux.git synced 2026-06-09 20:32:04 +09:00

Files

History

Ben Hutchings ffa7db2263 niu: Fix kernel buffer overflow for ETHTOOL_GRXCLSRLALL

commit ee9c5cfad2 upstream.

niu_get_ethtool_tcam_all() assumes that its output buffer is the right
size, and warns before returning if it is not.  However, the output
buffer size is under user control and ETHTOOL_GRXCLSRLALL is an
unprivileged ethtool command.  Therefore this is at least a local
denial-of-service vulnerability.

Change it to check before writing each entry and to return an error if
the buffer is already full.

Compile-tested only.

Signed-off-by: Ben Hutchings <bhutchings@solarflare.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
[Adjusted to apply to 2.6.32 by dann frazier <dannf@debian.org>]
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>

2011-05-09 15:55:39 -07:00

..

…

ACPI: EC: Add another dmi match entry for MSI hardware

2011-01-07 14:43:07 -08:00

…

ahci: AHCI mode SATA patch for Intel Patsburg SATA RAID controller

2011-03-23 13:16:42 -07:00

atm/solos-pci: Don't include frame pseudo-header on transmit hex-dump

2011-04-14 16:53:44 -07:00

…

firmware_class: fix memory leak - free allocated pages

2010-08-02 10:21:25 -07:00

cciss: fix lost command issue

2011-04-14 16:53:18 -07:00

Bluetooth: Add MacBookAir3,1(2) support

2011-05-09 15:55:26 -07:00

…

Fix gcc 4.5.1 miscompiling drivers/char/i8k.c (again)

2011-05-09 15:54:59 -07:00

clocksource: sh_tmu: compute mult and shift before registration

2010-09-26 17:21:37 -07:00

connector: Delete buggy notification code.

2010-02-09 04:50:59 -08:00

revert "[CPUFREQ] remove rwsem lock from CPUFREQ_GOV_STOP call (second call site)"

2010-08-02 10:21:25 -07:00

cpuidle: Fix incorrect optimization

2010-05-12 14:57:16 -07:00

crypto: padlock - Fix AES-CBC handling on odd-block-sized input

2010-12-09 13:27:10 -08:00

…

…

mv_xor: fix race in tasklet function

2011-01-07 14:43:17 -08:00

amd64_edac: Fix interleaving check

2011-01-07 14:43:06 -08:00

…

firewire: ohci: fix race in AR split packet handling

2010-12-09 13:26:50 -08:00

dcdbas: force SMI to happen when expected

2011-03-27 11:30:51 -07:00

gpiolib: Actually set output state in wm831x_gpio_direction_output()

2010-03-15 08:49:57 -07:00

drm/radeon/kms: fix bad shift in atom iio table parser

2011-05-09 15:54:47 -07:00

HID: add MacBookAir 3,1 and 3,2 support

2011-05-09 15:55:37 -07:00

hwmon: (applesmc) Add MacBookAir3,1(3,2) support

2011-05-09 15:55:17 -07:00

i2c: Unregister dummy devices last on adapter removal

2011-02-17 15:37:03 -08:00

ide-cd: Do not access completed requests in the irq handler

2010-08-13 13:19:36 -07:00

…

…

…

IB/cm: Bump reference count on cm_id before invoking callback

2011-03-23 13:16:43 -07:00

Input: elantech - discard the first 2 positions on some firmwares

2011-05-09 15:55:08 -07:00

isdn: avoid calling tty_ldisc_flush() in atomic context

2011-03-23 13:16:55 -07:00

leds-gpio: fix default state handling on OF platforms

2010-04-01 15:58:53 -07:00

lguest: fix bug in setting guest GDT entry

2010-01-06 15:05:19 -08:00

macintosh/therm_adt746x: Fix sysfs attributes lifetime

2010-03-15 08:49:46 -07:00

…

md: correctly handle probe of an 'mdp' device.

2011-03-02 09:47:05 -05:00

V4L/DVB: Add Elgato EyeTV Diversity to dibcom driver

2011-05-09 15:55:30 -07:00

memstick: fix hangs on unexpected device removal in mspro_blk

2010-08-26 16:41:32 -07:00

mptfusion: Fix Incorrect return value in mptscsih_dev_reset

2011-03-02 09:46:33 -05:00

mfd: ab3100: world-writable debugfs *_priv files

2011-04-14 16:53:37 -07:00

drivers/misc/ep93xx_pwm.c: world-writable sysfs files

2011-04-14 16:53:38 -07:00

mmc: build fix: mmc_pm_notify is only available with CONFIG_PM=y

2011-05-09 15:55:32 -07:00

mtd: add "platform:" prefix for platform modalias

2011-03-23 13:16:37 -07:00

niu: Fix kernel buffer overflow for ETHTOOL_GRXCLSRLALL

2011-05-09 15:55:39 -07:00

…

…

oprofile: fix crash when accessing freed task structs

2010-09-20 13:17:50 -07:00

PARISC: led.c - fix potential stack overflow in led_proc_write()

2010-08-10 10:20:37 -07:00

…

intel-iommu: Force-disable IOMMU for iGFX on broken Cantiga revisions.

2011-05-09 15:55:37 -07:00

pcmcia: avoid buffer overflow in pcmcia_setup_isa_irq

2010-08-26 16:41:53 -07:00

dell-laptop: Add another Dell laptop family to the DMI whitelist

2011-05-09 15:55:34 -07:00

…

ds2760_battery: Fix calculation of time_to_empty_now

2011-02-17 15:37:02 -08:00

…

…

…

regulator: Fix display of null constraints for regulators

2010-02-23 07:37:49 -08:00

drivers/rtc/rtc-ds1511.c: world-writable sysfs nvram file

2011-04-14 16:53:37 -07:00

dasd: correct device table

2011-05-09 15:54:50 -07:00

…

mpt2sas: fix the incorrect scsi_dma_map error checking

2011-05-09 15:55:39 -07:00

serial/imx: read cts state only after acking cts change irq

2011-05-09 15:54:48 -07:00

…

…

…

SPI: spi_txx9: Fix bit rate calculation

2009-12-02 23:58:32 +00:00

ssb: b43-pci-bridge: Add new vendor for BCM4318

2010-12-09 13:26:41 -08:00

Staging: rtl8192su: add device ids

2011-05-09 15:55:09 -07:00

…

…

…

…

USB: teach "devices" file about Wireless and SuperSpeed USB

2011-05-09 15:55:10 -07:00

…

backlight: MacBookAir3,1(3,2) mbp-nvidia-bl support

2011-05-09 15:55:36 -07:00

virtio: set pci bus master enable bit

2011-03-07 15:17:55 -08:00

…

w1: w1 temp: fix negative termperature calculation

2010-05-12 14:57:00 -07:00

WATCHDOG: iTCO_wdt: TCO Watchdog patch for additional Intel Cougar Point DeviceIDs

2010-04-26 07:41:18 -07:00

xen: ensure that all event channels start off bound to VCPU 0

2010-12-09 13:26:42 -08:00

…

Kconfig

…

Makefile

virtio: initialize earlier

2010-05-12 14:57:15 -07:00