a7y18lte-ubports/android_kernel_samsung_a7y18lte
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
feb6a4e42a
android_kernel_samsung_a7y1.../drivers
History
Dan Carpenter feb6a4e42a drivers/virt/fsl_hypervisor.c: prevent integer overflow in ioctl 
commit 6a024330650e24556b8a18cc654ad00cfecf6c6c upstream.

The "param.count" value is a u64 thatcomes from the user.  The code
later in the function assumes that param.count is at least one and if
it's not then it leads to an Oops when we dereference the ZERO_SIZE_PTR.

Also the addition can have an integer overflow which would lead us to
allocate a smaller "pages" array than required.  I can't immediately
tell what the possible run times implications are, but it's safest to
prevent the overflow.

Link: http://lkml.kernel.org/r/20181218082129.GE32567@kadam
Fixes: 6db7199407ca ("drivers/virt: introduce Freescale hypervisor management driver")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Reviewed-by: Andrew Morton <akpm@linux-foundation.org>
Cc: Timur Tabi <timur@freescale.com>
Cc: Mihai Caraman <mihai.caraman@freescale.com>
Cc: Kumar Gala <galak@kernel.crashing.org>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2020-04-06 17:01:49 +02:00
..
accessibility A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
acpi ACPI / SBS: Fix GPE storm on recent MacBookPro's 2020-04-06 15:20:26 +02:00
amba A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
android A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
ata libata: fix using DMA buffers on stack 2020-04-06 16:41:42 +02:00
atm A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
auxdisplay A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
base x86/speculation/mds: Add sysfs reporting for MDS 2020-04-06 16:55:48 +02:00
battery A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
battery_v2 A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
bcma A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
block xsysace: Fix error handling in ace_setup 2020-04-06 16:42:28 +02:00
bluetooth A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
bts A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
bus A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
ccic A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
cdrom cdrom: Fix race condition in cdrom_sysctl_register 2020-04-06 14:51:44 +02:00
char tpm/tpm_i2c_atmel: Return -E2BIG when the transfer is incomplete 2020-04-06 15:49:13 +02:00
clk A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
clocksource A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
connector A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
cpufreq A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
cpuidle A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
crypto crypto: crypto4xx - properly set IV after de- and encrypt 2020-04-06 15:49:07 +02:00
dca A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
devfreq A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
dio A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
dma dmaengine: tegra: avoid overflow of byte tracking 2020-04-06 14:52:41 +02:00
dma-buf A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
edac A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
eisa A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
extcon extcon: usb-gpio: Don't miss event during suspend/resume 2020-04-06 11:16:41 +02:00
fingerprint A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
firewire A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
firmware A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
five A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
fmc A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
fpga A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
gator A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
gpio gpio: gpio-omap: fix level interrupt idling 2020-04-06 14:22:12 +02:00
gps A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
gpu gpu: ipu-v3: dp: fix CSC handling 2020-04-06 16:47:13 +02:00
gud A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
hid HID: input: add mapping for keyboard Brightness Up/Down/Toggle keys 2020-04-06 16:43:27 +02:00
hsi A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
hv A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
hwmon A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
hwspinlock A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
hwtracing intel_th: gth: Fix an off-by-one in output unassigning 2020-04-06 16:40:30 +02:00
i2c i2c: core-smbus: prevent stack corruption on read I2C_BLOCK_DATA 2020-04-06 14:02:20 +02:00
ide A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
idle A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
iio iio: adc: xilinx: fix potential use-after-free on remove 2020-04-06 16:43:24 +02:00
infiniband IB/mlx4: Fix race condition between catas error reset and aliasguid flows 2020-04-06 15:17:00 +02:00
input Input: snvs_pwrkey - initialize necessary driver data before enabling IRQ 2020-04-06 16:42:41 +02:00
iommu iommu/amd: Set exclusion range correctly 2020-04-06 16:43:00 +02:00
ipack A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
irqchip A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
isdn mISDN: hfcpci: Test both vendor & device ID for Digium HFC4S 2020-04-06 12:57:02 +02:00
leds leds: lp55xx: fix null deref on firmware load failure 2020-04-06 14:51:15 +02:00
lguest A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
lightnvm A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
macintosh A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
mailbox A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
mcb A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
md Don't jump to compute_result state from check_result state 2020-04-06 16:49:43 +02:00
media media: v4l2: i2c: ov7670: Fix PLL bypass register values 2020-04-06 16:42:47 +02:00
memory A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
memstick A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
message A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
mfd A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
misc A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
mmc mmc: davinci: remove extraneous __init annotation 2020-04-06 15:17:03 +02:00
motor A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
mtd A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
muic A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
net bonding: fix arp_validate toggling in active-backup mode 2020-04-06 17:01:44 +02:00
nfc A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
ntb A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
nubus A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
nvdimm libnvdimm/btt: Fix a kmemdup failure check 2020-04-06 16:43:30 +02:00
nvme A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
nvmem A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
of A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
oprofile A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
parisc A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
parport A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
pci PCI: Add function 1 DMA alias quirk for Marvell 9170 SATA controller 2020-04-06 15:16:46 +02:00
pcmcia A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
perf A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
phy A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
pinctrl A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
platform platform/x86: sony-laptop: Fix unintentional fall-through 2020-04-06 16:43:22 +02:00
pnp A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
power A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
powercap A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
pps A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
ps3 A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
ptp A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
pwm A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
rapidio A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
ras A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
regulator regulator: act8865: Fix act8600_sudcdc_voltage_ranges setting 2020-04-06 14:52:33 +02:00
remoteproc A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
reset A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
rpmsg A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
rtc rtc: da9063: set uie_unsupported when relevant 2020-04-06 16:42:17 +02:00
s390 s390: ctcm: fix ctcm_new_device error return code 2020-04-06 16:47:08 +02:00
sbus A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
scsi scsi: qla2xxx: Fix incorrect region-size setting in optrom SYSFS routines 2020-04-06 16:43:06 +02:00
security/samsung/icdrv A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
sensorhub A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
sensors A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
sfi A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
sh A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
sn A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
soc soc/tegra: fuse: Fix illegal free of IO base address 2020-04-06 14:52:17 +02:00
spi A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
spmi A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
ssb A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
staging staging: iio: adt7316: fix the dac write calculation 2020-04-06 16:42:39 +02:00
switch A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
target A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
tc A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
tee A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
thermal thermal/int340x_thermal: fix mode setting 2020-04-06 15:17:09 +02:00
thunderbolt A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
trace A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
tty sc16is7xx: missing unregister/delete driver on error in sc16is7xx_init() 2020-04-06 16:41:13 +02:00
uh A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
uio A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
usb USB: serial: fix unthrottle races 2020-04-06 17:01:24 +02:00
uwb A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
vfio vfio/pci: use correct format characters 2020-04-06 16:42:19 +02:00
vhost A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
video fbdev: fbmem: fix memory access if logo is bigger than the screen 2020-04-06 14:51:41 +02:00
virt drivers/virt/fsl_hypervisor.c: prevent integer overflow in ioctl 2020-04-06 17:01:49 +02:00
virtio A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
vision A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
vlynq A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
vme A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
w1 USB: w1 ds2490: Fix bug caused by improper use of altsetting array 2020-04-06 16:42:01 +02:00
watchdog A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
xen A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
zorro A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
Kconfig A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
Makefile A750FXXU4CTBC 2020-03-27 21:51:54 +05:30