remove queue-4.4/usbvision-fix-overflow-of-interfaces-array.patch

author Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Wed, 8 Jun 2016 00:26:04 +0000 (17:26 -0700)

committer Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Wed, 8 Jun 2016 00:26:04 +0000 (17:26 -0700)
author Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Wed, 8 Jun 2016 00:26:04 +0000 (17:26 -0700)
committer Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Wed, 8 Jun 2016 00:26:04 +0000 (17:26 -0700)
diff --git a/queue-4.4/series b/queue-4.4/series

index 8217437f660d77b2397d4a854eb158f44a507797..3eece183c3f9c34238c90ba10fa808ec02c4f80c 100644 (file)
--- a/queue-4.4/series
+++ b/queue-4.4/series
@@ -60,7 +60,6 @@ media-v4l2-compat-ioctl32-fix-missing-reserved-field-copy-in-put_v4l2_create32.p
  mm-use-phys_addr_t-for-reserve_bootmem_region-arguments.patch
  wait-ptrace-assume-__wall-if-the-child-is-traced.patch
  qe-uart-add-fsl-t1040-ucc-uart-to-of_device_id.patch
-usbvision-fix-overflow-of-interfaces-array.patch
  pipe-limit-the-per-user-amount-of-pages-allocated-in-pipes.patch
  powerpc-book3s64-fix-branching-to-ool-handlers-in-relocatable-kernel.patch
  powerpc-eeh-don-t-report-error-in-eeh_pe_reset_and_recover.patch
diff --git a/queue-4.4/usbvision-fix-overflow-of-interfaces-array.patch b/queue-4.4/usbvision-fix-overflow-of-interfaces-array.patch

deleted file mode 100644 (file)

index ec8a8a5..0000000
--- a/queue-4.4/usbvision-fix-overflow-of-interfaces-array.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-From 588afcc1c0e45358159090d95bf7b246fb67565f Mon Sep 17 00:00:00 2001
-From: Oliver Neukum <oneukum@suse.com>
-Date: Tue, 27 Oct 2015 09:51:34 -0200
-Subject: [media] usbvision fix overflow of interfaces array
-
-From: Oliver Neukum <oneukum@suse.com>
-
-commit 588afcc1c0e45358159090d95bf7b246fb67565f upstream.
-
-This fixes the crash reported in:
-http://seclists.org/bugtraq/2015/Oct/35
-The interface number needs a sanity check.
-
-Signed-off-by: Oliver Neukum <oneukum@suse.com>
-Cc: Vladis Dronov <vdronov@redhat.com>
-Signed-off-by: Hans Verkuil <hans.verkuil@cisco.com>
-Signed-off-by: Mauro Carvalho Chehab <mchehab@osg.samsung.com>
-Cc: Moritz Muehlenhoff <moritz@wikimedia.org>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-
----
- drivers/media/usb/usbvision/usbvision-video.c |    7 +++++++
- 1 file changed, 7 insertions(+)
-
---- a/drivers/media/usb/usbvision/usbvision-video.c
-+++ b/drivers/media/usb/usbvision/usbvision-video.c
-@@ -1461,6 +1461,13 @@ static int usbvision_probe(struct usb_in
-       printk(KERN_INFO "%s: %s found\n", __func__,
-                               usbvision_device_data[model].model_string);
- 
-+      /*
-+       * this is a security check.
-+       * an exploit using an incorrect bInterfaceNumber is known
-+       */
-+      if (ifnum >= USB_MAXINTERFACES || !dev->actconfig->interface[ifnum])
-+              return -ENODEV;
-+
-       if (usbvision_device_data[model].interface >= 0)
-               interface = &dev->actconfig->interface[usbvision_device_data[model].interface]->altsetting[0];
-       else if (ifnum < dev->actconfig->desc.bNumInterfaces)
author	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Wed, 8 Jun 2016 00:26:04 +0000 (17:26 -0700)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Wed, 8 Jun 2016 00:26:04 +0000 (17:26 -0700)
queue-4.4/series		patch \| blob \| blame \| history
queue-4.4/usbvision-fix-overflow-of-interfaces-array.patch	[deleted file]	patch \| blob \| blame \| history