[Utopic][CVE-2015-400{1,2,3}][PATCH 0/4] ozwpan driver CVEs

Luis Henriques luis.henriques at canonical.com
Tue Jun 9 19:17:45 UTC 2015


Following this email I am sending the fixes for utopic for 3 CVEs in the
ozwpan driver: CVE-2015-4001, CVE-2015-4002 and CVE-2015-4003.


Jason A. Donenfeld (4):
  ozwpan: Use unsigned ints to prevent heap overflow
  ozwpan: divide-by-zero leading to panic
  ozwpan: Use proper check to prevent heap overflow
  ozwpan: unchecked signed subtraction leads to DoS

 drivers/staging/ozwpan/ozhcd.c     |  8 ++++----
 drivers/staging/ozwpan/ozusbif.h   |  4 ++--
 drivers/staging/ozwpan/ozusbsvc1.c | 19 ++++++++++++++-----
 3 files changed, 20 insertions(+), 11 deletions(-)




More information about the kernel-team mailing list