Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit 9dbf7e34 authored by Andrej Shadura's avatar Andrej Shadura Committed by Greg Kroah-Hartman
Browse files

HID: u2fzero: ignore incomplete packets without data 

commit 22d65765f211cc83186fd8b87521159f354c0da9 upstream.

Since the actual_length calculation is performed unsigned, packets
shorter than 7 bytes (e.g. packets without data or otherwise truncated)
or non-received packets ("zero" bytes) can cause buffer overflow.

Link: https://bugzilla.kernel.org/show_bug.cgi?id=214437


Fixes: 42337b9d("HID: add driver for U2F Zero built-in LED and RNG")
Signed-off-by: default avatarAndrej Shadura <andrew.shadura@collabora.co.uk>
Signed-off-by: default avatarJiri Kosina <jkosina@suse.cz>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
parent d518ea03
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment