superrob1500
/
mirror-linux
mirror of https://github.com/torvalds/linux
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
mirror-linux/drivers/soc
History
Chris Lew f6250ecb7f soc: qcom: qmi_encdec: Restrict string length in decode 
commit 8d207400fd upstream.

The QMI TLV value for strings in a lot of qmi element info structures
account for null terminated strings with MAX_LEN + 1. If a string is
actually MAX_LEN + 1 length, this will cause an out of bounds access
when the NULL character is appended in decoding.

Fixes: 9b8a11e826 ("soc: qcom: Introduce QMI encoder/decoder")
Cc: stable@vger.kernel.org
Signed-off-by: Chris Lew <quic_clew@quicinc.com>
Signed-off-by: Praveenkumar I <quic_ipkumar@quicinc.com>
Link: https://lore.kernel.org/r/20230801064712.3590128-1-quic_ipkumar@quicinc.com
Signed-off-by: Bjorn Andersson <andersson@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 		2023-09-19 12:27:57 +02:00
..
actions
amlogic drivers: meson: secure-pwrc: always enable DMA domain 2023-07-19 16:21:33 +02:00
apple
aspeed soc: aspeed: socinfo: Add kfree for kstrdup 2023-08-23 17:52:38 +02:00
atmel
bcm soc: bcm: brcmstb: biuctrl: fix of_iomap leak 2023-05-11 23:03:12 +09:00
canaan
dove
fsl soc/fsl/qe: fix usb.c build errors 2023-07-19 16:21:25 +02:00
fujitsu
gemini
imx
ixp4xx
lantiq
litex
mediatek soc: mediatek: SVS: Fix MT8192 GPU node name 2023-07-19 16:21:27 +02:00
microchip
pxa
qcom soc: qcom: qmi_encdec: Restrict string length in decode 2023-09-19 12:27:57 +02:00
renesas soc: renesas: renesas-soc: Release 'chipid' from ioremap() 2023-05-11 23:03:12 +09:00
rockchip
samsung
sifive
sunxi
tegra
ti soc: ti: pm33xx: Fix refcount leak in am33xx_pm_probe 2023-05-11 23:03:07 +09:00
ux500
versatile
xilinx driver: soc: xilinx: use _safe loop iterator to avoid a use after free 2023-07-19 16:21:17 +02:00
Kconfig
Makefile