ACK: [Trusty][CVE-2015-400{1,2,3}][PATCH 0/4] ozwpan driver CVEs
Brad Figg
brad.figg at canonical.com
Tue Jun 9 15:45:38 UTC 2015
On Tue, Jun 09, 2015 at 04:27:45PM +0100, Luis Henriques wrote:
> Following this email I am sending the fixes for trusty for 3 CVEs in
> the ozwpan driver: CVE-2015-4001, CVE-2015-4002 and CVE-2015-4003.
>
> Jason A. Donenfeld (4):
> ozwpan: Use unsigned ints to prevent heap overflow
> ozwpan: divide-by-zero leading to panic
> ozwpan: Use proper check to prevent heap overflow
> ozwpan: unchecked signed subtraction leads to DoS
>
> drivers/staging/ozwpan/ozhcd.c | 8 ++++----
> drivers/staging/ozwpan/ozusbif.h | 4 ++--
> drivers/staging/ozwpan/ozusbsvc1.c | 19 ++++++++++++++-----
> 3 files changed, 20 insertions(+), 11 deletions(-)
>
>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
Looks good.
--
Brad Figg brad.figg at canonical.com http://www.canonical.com
More information about the kernel-team
mailing list