shinys000114/linux
1
0
Fork 0
mirror of https://github.com/hardkernel/linux.git synced 2026-06-09 12:17:12 +09:00
Code Issues Packages Projects Releases Wiki Activity
Files
ea21245cdcab3f2b46aecd421ac5f5753a1cf88d
linux/drivers
History
Jordy Zomer 25c23fe40e nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION 
commit 4fbcc1a4cb upstream.

It appears that there are some buffer overflows in EVT_TRANSACTION.
This happens because the length parameters that are passed to memcpy
come directly from skb->data and are not guarded in any way.

Signed-off-by: Jordy Zomer <jordy@pwning.systems>
Reviewed-by: Krzysztof Kozlowski <krzysztof.kozlowski@canonical.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Denis Efremov <denis.e.efremov@oracle.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-03-28 09:57:07 +02:00
..
accessibility
speakup-dectlk: Restore pitch setting
2022-02-16 12:54:30 +01:00
acpi
Revert "ACPI: PM: s2idle: Cancel wakeup before dispatching EC GPE"
2022-03-11 12:11:55 +01:00
amba
ARM: 9120/1: Revert "amba: make use of -1 IRQs warn"
2021-11-06 14:10:09 +01:00
android
binder: fix handling of error during copy
2022-01-27 10:54:06 +01:00
ata
ata: pata_hpt37x: fix PCI clock detection
2022-03-08 19:09:31 +01:00
atm
atm: eni: Add check for dma_map_single
2022-03-23 09:13:27 +01:00
auxdisplay
auxdisplay: ht16k33: Fix frame buffer device blanking
2021-11-18 14:04:24 +01:00
base
driver core: Free DMA range map when device is released
2022-03-02 11:42:56 +01:00
bcma
bcma: Fix memory leak for internally-handled cores
2021-09-15 09:50:45 +02:00
block
virtio-blk: Don't use MAX_DISCARD_SEGMENTS if max_discard_seg is zero
2022-03-16 14:15:57 +01:00
bluetooth
Bluetooth: vhci: Set HCI_QUIRK_VALID_LE_STATES
2022-01-27 10:54:18 +01:00
bus
Revert "drivers: bus: simple-pm-bus: Add support for probing simple bus only devices"
2022-02-05 12:37:55 +01:00
cdrom
char
random: wake up /dev/random writers after zap
2022-02-23 12:01:00 +01:00
clk
clk: qcom: gdsc: Add support to update GDSC transition delay
2022-03-16 14:15:56 +01:00
clocksource
ARM: dts: Use 32KiHz oscillator on devkit8000
2022-03-08 19:09:36 +01:00
connector
counter
counter: stm32-lptimer-cnt: remove iio counter abi
2022-01-27 10:54:08 +01:00
cpufreq
cpufreq: Fix initialization of min and max frequency QoS requests
2022-01-27 10:54:17 +01:00
cpuidle
cpuidle: Fix kobject memory leaks in error paths
2021-11-18 14:04:05 +01:00
crypto
crypto: qcom-rng - ensure buffer for generate is completely filled
2022-03-23 09:13:27 +01:00
dax
dca
devfreq
dio
dma
dmaengine: shdma: Fix runtime PM imbalance on error
2022-03-08 19:09:30 +01:00
dma-buf
dma-buf: heaps: Fix potential spectre v1 gadget
2022-02-08 18:30:36 +01:00
edac
EDAC: Fix calculation of returned address and next offset in edac_align_ptr()
2022-02-23 12:01:07 +01:00
eisa
extcon
firewire
firmware
efi: fix return value of __setup handlers
2022-03-23 09:13:27 +01:00
fpga
fpga: machxo2-spi: Fix missing error code in machxo2_write_complete()
2021-09-30 10:11:04 +02:00
fsi
gnss
gpio
gpio: Return EPROBE_DEFER if gc->to_irq is NULL
2022-03-16 14:16:00 +01:00
gpu
drm/panel: simple: Fix Innolux G070Y2-L01 BPP settings
2022-03-23 09:13:28 +01:00
greybus
hid
HID: vivaldi: fix sysfs attributes leak
2022-03-16 14:15:56 +01:00
hsi
HSI: core: Fix return freed object in hsi_new_client
2022-01-27 10:54:12 +01:00
hv
Drivers: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj
2022-02-23 12:01:04 +01:00
hwmon
hwmon: (pmbus) Clear pmbus fault/warning bits after read
2022-03-16 14:16:00 +01:00
hwspinlock
hwtracing
coresight: cti: Correct the parameter for pm_runtime_put
2021-11-18 14:03:51 +01:00
i2c
i2c: qup: allow COMPILE_TEST
2022-03-08 19:09:30 +01:00
i3c
ide
idle
iio
iio: Fix error handling for PM
2022-03-02 11:42:53 +01:00
infiniband
RDMA/cma: Do not change route.addr.src_addr outside state checks
2022-03-02 11:42:56 +01:00
input
Input: aiptek - properly check endpoint type
2022-03-23 09:13:29 +01:00
interconnect
treewide: Change list_sort to use const pointers
2021-09-30 10:11:04 +02:00
iommu
iommu/amd: Recover from event log overflow
2022-03-08 19:09:31 +01:00
ipack
ipack: ipoctal: fix module reference leak
2021-10-06 15:56:01 +02:00
irqchip
irqchip/sifive-plic: Add missing thead,c900-plic match string
2022-02-23 12:01:05 +01:00
isdn
isdn: hfcpci: check the return value of dma_set_mask() in setup_hw()
2022-03-16 14:15:57 +01:00
leds
leds: trigger: audio: Add an activate callback to ensure the initial brightness is set
2021-09-15 09:50:36 +02:00
lightnvm
macintosh
mailbox
soc: mediatek: cmdq: add address shift in jump
2021-09-18 13:40:16 +02:00
mcb
mcb: fix error handling in mcb_alloc_bus()
2021-09-30 10:11:00 +02:00
md
dm: fix alloc_dax error handling in alloc_dev
2022-01-27 10:54:22 +01:00
media
media: venus: core: Drop second v4l2 device unregister
2022-02-01 17:25:38 +01:00
memory
memory: renesas-rpc-if: Return error in case devm_ioremap_resource() fails
2022-01-27 10:53:48 +01:00
memstick
memstick: jmb38x_ms: use appropriate free function in jmb38x_ms_alloc_host()
2021-11-18 14:04:07 +01:00
message
mfd
mfd: atmel-flexcom: Use .resume_noirq
2022-01-27 10:53:51 +01:00
misc
eeprom: ee1004: limit i2c reads to I2C_SMBUS_BLOCK_MAX
2022-02-16 12:54:27 +01:00
mmc
mmc: meson: Fix usage of meson_mmc_post_req()
2022-03-16 14:16:01 +01:00
most
most: fix control-message timeouts
2021-11-18 14:03:51 +01:00
mtd
mtd: rawnand: brcmnand: Fixed incorrect sub-page ECC status
2022-02-23 12:01:04 +01:00
mux
net
smsc95xx: Ignore -ENODEV errors when device is unplugged
2022-03-23 09:13:29 +01:00
nfc
nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION
2022-03-28 09:57:07 +02:00
ntb
ntb: intel: fix port config status offset for SPR
2022-03-08 19:09:32 +01:00
nubus
nvdimm
libnvdimm/pmem: Fix crash triggered when I/O in-flight during unbind
2021-09-18 13:40:36 +02:00
nvme
nvme-rdma: fix possible use-after-free in transport error_recovery work
2022-02-23 12:01:00 +01:00
nvmem
nvmem: core: set size for sysfs bin file
2022-01-27 10:54:22 +01:00
of
of: base: Improve argument length mismatch error
2022-01-27 10:54:28 +01:00
opp
opp: Fix return in _opp_add_static_v2()
2021-11-18 14:04:22 +01:00
oprofile
parisc
parisc: Fix sglist access in ccio-dma.c
2022-02-23 12:00:57 +01:00
parport
parport: remove non-zero check on count
2021-09-18 13:40:34 +02:00
pci
PCI: hv: Fix NUMA node assignment when kernel boots with custom NUMA topology
2022-02-23 12:00:57 +01:00
pcmcia
pcmcia: fix setting of kthread task states
2022-01-27 10:54:03 +01:00
perf
phy
phy: usb: Leave some clocks running during suspend
2022-02-23 12:01:05 +01:00
pinctrl
pinctrl: sunxi: Use unique lockdep classes for IRQs
2022-03-08 19:09:36 +01:00
platform
surface: surface3_power: Fix battery readings on batteries without a serial number
2022-03-02 11:42:51 +01:00
pnp
power
power: reset: mt6397: Check for null res pointer
2022-01-27 10:54:00 +01:00
powercap
pps
ps3
ptp
ptp_pch: Load module automatically if ID matches
2021-10-13 10:04:27 +02:00
pwm
pwm: stm32-lp: Don't modify HW state in .remove() callback
2021-09-26 14:09:01 +02:00
rapidio
ras
regulator
regulator: core: fix false positive in regulator_late_cleanup()
2022-03-08 19:09:29 +01:00
remoteproc
remoteproc: qcom: pil_info: Don't memcpy_toio more than is provided
2022-01-20 09:17:50 +01:00
reset
reset: socfpga: add empty driver allowing consumers to probe
2021-11-18 14:03:42 +01:00
rpmsg
rpmsg: char: Fix race between the release of rpmsg_eptdev and cdev
2022-02-01 17:25:43 +01:00
rtc
rtc: cmos: Evaluate century appropriate
2022-02-08 18:30:39 +01:00
s390
scsi: zfcp: Fix failed recovery on gone remote port with non-NPIV FCP devices
2022-02-01 17:25:39 +01:00
sbus
scsi
scsi: mpt3sas: Page fault in reply q processing
2022-03-23 09:13:29 +01:00
sfi
sh
maple: fix wrong return value of maple_bus_init().
2021-11-26 10:39:12 +01:00
siox
slimbus
slimbus: ngd: reset dma setup during runtime pm
2021-08-26 08:35:55 -04:00
soc
soc: fsl: qe: Check of ioremap return value
2022-03-08 19:09:37 +01:00
soundwire
soundwire: debugfs: use controller id and link_id for debugfs
2021-11-18 14:04:16 +01:00
spi
spi: rockchip: terminate dma transmission when slave abort
2022-03-16 14:16:00 +01:00
spmi
ssb
staging
staging: gdm724x: fix use after free in gdm_lte_rx()
2022-03-16 14:16:01 +01:00
target
scsi: target: iscsi: Make sure the np under each tpg is unique
2022-02-16 12:54:19 +01:00
tc
tee
optee: use driver internal tee_context for some rpc
2022-03-02 11:42:47 +01:00
thermal
thermal: core: Fix TZ_GET_TRIP NULL pointer dereference
2022-03-08 19:09:32 +01:00
thunderbolt
thunderbolt: Runtime PM activate both ends of the device link
2022-01-27 10:54:14 +01:00
tty
serial: stm32: prevent TDR register overwrite when sending x_char
2022-03-08 19:09:30 +01:00
uio
usb
usb: usbtmc: Fix bug in pipe direction for control transfers
2022-03-23 09:13:29 +01:00
vdpa
vdpa/mlx5: Fix wrong configuration of virtio_version_1_0
2022-01-27 10:54:33 +01:00
vfio
vfio: Use config not menuconfig for VFIO_NOIOMMU
2021-09-18 13:40:12 +02:00
vhost
vsock: each transport cycles only on its own sockets
2022-03-23 09:13:27 +01:00
video
fbcon: Add option to enable legacy hardware acceleration
2022-02-08 18:30:40 +01:00
virt
virtio
virtio: acknowledge all features before access
2022-03-16 14:16:02 +01:00
visorbus
vlynq
vme
w1
w1: Misuse of get_user()/put_user() reported by sparse
2022-01-27 10:54:22 +01:00
watchdog
ar7: fix kernel builds for compiler test
2021-11-18 14:04:24 +01:00
xen
xen/gnttab: fix gnttab_end_foreign_access() without page specified
2022-03-11 12:11:54 +01:00
zorro
Kconfig
Makefile