forked from Minki/linux
4fbcc1a4cb
It appears that there are some buffer overflows in EVT_TRANSACTION. This happens because the length parameters that are passed to memcpy come directly from skb->data and are not guarded in any way. Signed-off-by: Jordy Zomer <jordy@pwning.systems> Reviewed-by: Krzysztof Kozlowski <krzysztof.kozlowski@canonical.com> Signed-off-by: David S. Miller <davem@davemloft.net> |
||
---|---|---|
.. | ||
core.c | ||
dep.c | ||
i2c.c | ||
Kconfig | ||
Makefile | ||
se.c | ||
st21nfca.h | ||
vendor_cmds.c |