diff options
Diffstat (limited to 'common/recipes-kernel/linux/linux-amd/kernel-ttusb-dec-CVE-2014-8884.patch')
-rw-r--r-- | common/recipes-kernel/linux/linux-amd/kernel-ttusb-dec-CVE-2014-8884.patch | 36 |
1 files changed, 0 insertions, 36 deletions
diff --git a/common/recipes-kernel/linux/linux-amd/kernel-ttusb-dec-CVE-2014-8884.patch b/common/recipes-kernel/linux/linux-amd/kernel-ttusb-dec-CVE-2014-8884.patch deleted file mode 100644 index 82fec876..00000000 --- a/common/recipes-kernel/linux/linux-amd/kernel-ttusb-dec-CVE-2014-8884.patch +++ /dev/null @@ -1,36 +0,0 @@ -From e10601e6ce2a74fa525c6322a126edac22a63abb Mon Sep 17 00:00:00 2001 -From: Dan Carpenter <dan.carpenter@oracle.com> -Date: Fri, 5 Sep 2014 09:09:28 -0300 -Subject: [PATCH] [media] ttusb-dec: buffer overflow in ioctl - -We need to add a limit check here so we don't overflow the buffer. - -Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com> -Signed-off-by: Mauro Carvalho Chehab <mchehab@osg.samsung.com> - -UpstreamStatus: Backport -Reference: http://git.kernel.org/cgit/linux/kernel/git/torvalds/ -linux.git/commit/?id=f2e323ec96077642d397bb1c355def536d489d16 - -Signed-off-by: Shrikant Bobade <Shrikant_Bobade@mentor.com> ---- - drivers/media/usb/ttusb-dec/ttusbdecfe.c | 3 +++ - 1 file changed, 3 insertions(+) - -diff --git a/drivers/media/usb/ttusb-dec/ttusbdecfe.c b/drivers/media/usb/ttusb-dec/ttusbdecfe.c -index 5c45c9d..9c29552 100644 ---- a/drivers/media/usb/ttusb-dec/ttusbdecfe.c -+++ b/drivers/media/usb/ttusb-dec/ttusbdecfe.c -@@ -156,6 +156,9 @@ static int ttusbdecfe_dvbs_diseqc_send_master_cmd(struct dvb_frontend* fe, struc - 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00 }; - -+ if (cmd->msg_len > sizeof(b) - 4) -+ return -EINVAL; -+ - memcpy(&b[4], cmd->msg, cmd->msg_len); - - state->config->send_command(fe, 0x72, --- -1.7.9.5 - |