[Lucid][CVE-2013-2897 0/2] HID: validate feature and input report details
Luis Henriques
luis.henriques at canonical.com
Thu Oct 10 13:48:08 UTC 2013
CVE-2013-2897 has two commits identified to fix the security issue:
8821f5d HID: multitouch: validate indexes details
cc6b54a HID: validate feature and input report details
The first one is actually not applicable to Lucid as the
hid-multitouch doesn't exist in kernels prior to 2.6.38.
Thus, following this email there are two patches:
- a backport of cc6b54a, and
- a cherry-pick of f262d1f "HID: add usage_index in struct
hid_usage.", which is a prerequisite for the cc6b54a
Benjamin Tissoires (2):
HID: add usage_index in struct hid_usage.
HID: validate feature and input report details
drivers/hid/hid-core.c | 10 ++++++----
drivers/hid/hid-input.c | 4 ++++
include/linux/hid.h | 1 +
3 files changed, 11 insertions(+), 4 deletions(-)
--
1.8.3.2
More information about the kernel-team
mailing list