Jiri, Should this one have been part of the batch you applied? It doesn't use hid_validate_report().
-Kees On Thu, Aug 29, 2013 at 3:03 AM, Mika Westerberg <[email protected]> wrote: > On Wed, Aug 28, 2013 at 10:31:44PM +0200, Jiri Kosina wrote: >> From: Kees Cook <[email protected]> >> >> A HID device could send a malicious feature report that would cause the >> sensor-hub HID driver to read past the end of heap allocation, leaking >> kernel memory contents to the caller. >> >> CVE-2013-2898 >> >> Signed-off-by: Kees Cook <[email protected]> >> Cc: [email protected] > > Reviewed-by: Mika Westerberg <[email protected]> -- Kees Cook Chrome OS Security -- To unsubscribe from this list: send the line "unsubscribe linux-input" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html
