blob: 4059d8f63e84295557415942fb4acf7407e32590 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
|
Description: joydev: zero size passed to joydev_handle_JSIOCSBTNMAP()
References:
https://bugzilla.redhat.com/show_bug.cgi?id=1974079
https://lore.kernel.org/linux-input/20210219083215.GS2087@kadam/
https://lore.kernel.org/linux-input/20210620120030.1513655-1-avlarkin82@gmail.com/T/#u
Notes:
carnil> Introduced by 182d679b2298 ("Input: joydev - prevent potential
carnil> read overflow in ioctl") in 5.12-rc1 which was backported to
carnil> various stable series, in 4.9.259, 4.19.178, 5.10.20 relevant
carnil> for Debian.
Bugs:
upstream: released (5.14-rc1) [f8f84af5da9ee04ef1d271528656dac42a090d00]
5.10-upstream-stable: released (5.10.50) [b4c35e9e8061b2386da1aa0d708e991204e76c45]
4.19-upstream-stable: released (4.19.198) [b62ce8e3f7fbd81ea7c9341ac5e0d445f685f6af]
4.9-upstream-stable: released (4.9.276) [f3673f6f63db2aa08c35e707a2fdcbcc6590c391]
sid: released (5.10.46-3) [bugfix/all/Input-joydev-prevent-use-of-not-validated-data-in-JS.patch]
5.10-bullseye-security: N/A "Fixed before branching point"
4.19-buster-security: released (4.19.208-1)
4.9-stretch-security: pending (4.9.290-1)
|
