Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1752305AbdLGVRR (ORCPT <rfc822;w@1wt.eu>);
        Thu, 7 Dec 2017 16:17:17 -0500
Received: from osg.samsung.com ([64.30.133.232]:63914 "EHLO osg.samsung.com"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1750980AbdLGVRQ (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 7 Dec 2017 16:17:16 -0500
From: Shuah Khan <shuahkh@osg.samsung.com>
To: shuah@kernel.org, valentina.manea.m@gmail.com,
        gregkh@linuxfoundation.org
Cc: Shuah Khan <shuahkh@osg.samsung.com>, linux-usb@vger.kernel.org,
        linux-kernel@vger.kernel.org, vuln@secunia.com
Subject: [PATCH 0/4] USB over IP Secuurity fixes
Date: Thu,  7 Dec 2017 14:16:46 -0700
Message-Id: <cover.1512672005.git.shuahkh@osg.samsung.com>
X-Mailer: git-send-email 2.14.1
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 889
Lines: 23

Jakub Jirasek from Secunia Research at Flexera reported security
vulnerabilities in the USB over IP driver. This patch series all
the 4 reported problems.

Jakub, could you please suggest an email address I can use for the
Reported-by tag?

Shuah Khan (4):
  usbip: fix stub_rx: get_pipe() to validate endpoint number
  usbip: fix stub_rx: harden CMD_SUBMIT path to handle malicious input
  usbip: prevent vhci_hcd driver from leaking a socket pointer address
  usbip: fix stub_send_ret_submit() vulnerability to null
    transfer_buffer

 drivers/usb/usbip/stub_rx.c          | 51 +++++++++++++++++++++++++++++-------
 drivers/usb/usbip/stub_tx.c          |  7 +++++
 drivers/usb/usbip/usbip_common.h     |  1 +
 drivers/usb/usbip/vhci_sysfs.c       | 25 +++++++++++-------
 tools/usb/usbip/libsrc/vhci_driver.c |  8 +++---
 5 files changed, 69 insertions(+), 23 deletions(-)

-- 
2.14.1