ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices
commit b909df18 upstream. A bogus device can provide a bNumConfigurations value that exceeds the initial value used in usb_get_configuration for allocating dev->config. This can lead to out-of-bounds accesses later, e.g. in usb_destroy_configuration. Signed-off-by:Benoît Sevens <bsevens@google.com> Fixes: 1da177e4 ("Linux-2.6.12-rc2") Cc: stable@kernel.org Link: https://patch.msgid.link/20241120124144.3814457-1-bsevens@google.com Signed-off-by:
Takashi Iwai <tiwai@suse.de> Signed-off-by:
Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Loading
-
mentioned in commit 79b184dd
-
mentioned in commit 375858d6
-
mentioned in commit 39eb960a
-
mentioned in commit 09ae1086
-
mentioned in commit f8917048
-
mentioned in commit 5cb74beb
-
mentioned in commit 1d2b041e
-
mentioned in commit 97711730
-
mentioned in commit e6b65a9d
-
mentioned in commit 71b0d95b
-
mentioned in commit 1b5a9770
-
mentioned in commit 00dfe8d4
-
mentioned in commit 49d1b74b
-
mentioned in commit 114c458f
-
mentioned in commit 352c00a9
-
mentioned in commit df511072
-
mentioned in commit ba57b417
-
mentioned in commit 1a879734
-
mentioned in commit 4479248e
-
mentioned in commit e2dd8fb5
-
mentioned in commit 455d6ba6
-
mentioned in commit 027e32a2
-
mentioned in commit cfc583e0
-
mentioned in commit 5aa89d4a
-
mentioned in commit c68c05b0
-
mentioned in commit fae7f31e
-
mentioned in commit d0772d5c
-
mentioned in commit 221fc53a
-
mentioned in commit e9827027
-
mentioned in commit 5486704a
-
mentioned in commit 49bd830e
Please sign in to comment