Johan Hovold 5dfdd24eb3 USB: serial: ti_usb_3410_5052: fix array underflow in completion handler ... Similarly to a recently reported bug in io_ti, a malicious USB device could set port_number to a negative value and we would underflow the port array in the interrupt completion handler. As these devices only have one or two ports, fix this by making sure we only consider the seventh bit when determining the port number (and ignore bits 0xb0 which are typically set to 0x30). Fixes: 1da177e4c3 ("Linux-2.6.12-rc2") Cc: stable <stable@vger.kernel.org> Signed-off-by: Johan Hovold <johan@kernel.org>		2018-08-27 11:53:19 +02:00
..
aircable.c
ark3116.c
belkin_sa.c
belkin_sa.h
bus.c
ch341.c
console.c
cp210x.c
cyberjack.c
cypress_m8.c
cypress_m8.h
digi_acceleport.c
empeg.c
ezusb_convert.pl
f81232.c
f81534.c
ftdi_sio_ids.h
ftdi_sio.c
ftdi_sio.h
garmin_gps.c
generic.c
io_16654.h
io_edgeport.c
io_edgeport.h
io_ionsp.h
io_ti.c
io_ti.h	USB: serial: io_ti: fix array underflow in completion handler	2018-08-27 11:52:34 +02:00
io_usbvend.h
ipaq.c
ipw.c
ir-usb.c
iuu_phoenix.c
iuu_phoenix.h
Kconfig
keyspan_pda.c
keyspan_usa26msg.h
keyspan_usa28msg.h
keyspan_usa49msg.h
keyspan_usa67msg.h
keyspan_usa90msg.h
keyspan.c
kl5kusb105.c
kl5kusb105.h
kobil_sct.c
kobil_sct.h
Makefile
Makefile-keyspan_pda_fw
mct_u232.c
mct_u232.h
metro-usb.c
mos7720.c
mos7840.c
mxuport.c
navman.c
omninet.c
opticon.c
option.c
oti6858.c
oti6858.h
pl2303.c	USB: serial: pl2303: add a new device id for ATEN	2018-08-02 10:37:04 +02:00
pl2303.h	USB: serial: pl2303: add a new device id for ATEN	2018-08-02 10:37:04 +02:00
qcaux.c
qcserial.c
quatech2.c
safe_serial.c
sierra.c
spcp8x5.c
ssu100.c
symbolserial.c
ti_usb_3410_5052.c	USB: serial: ti_usb_3410_5052: fix array underflow in completion handler	2018-08-27 11:53:19 +02:00
upd78f0730.c
usb_debug.c
usb_wwan.c
usb-serial-simple.c
usb-serial.c
usb-wwan.h
visor.c
visor.h
whiteheat.c
whiteheat.h
wishbone-serial.c
xsens_mt.c