[Trusty][SRU][PATCH 0/1] Fix for CVE-2017-0627

Po-Hsu Lin po-hsu.lin at canonical.com
Tue May 8 07:57:46 UTC 2018

According to our CVE matrix, only Trusty needs this patch.

An extra check to validate the user-provided bit-size and offset was added in
this patch to fix this CVE issue.

Guenter Roeck (1):
  media: uvcvideo: Prevent heap overflow when accessing mapped controls

 drivers/media/usb/uvc/uvc_ctrl.c | 7 +++++++
 1 file changed, 7 insertions(+)


More information about the kernel-team mailing list