Web lists-archives.com

Re: [PATCH v2 2/4] cdc-acm: fix possible invalid access when processing notification

On 3/18/2017 9:52 PM, Tobias Herzog wrote:

Notifications may only be 8 bytes so long. Accessing the 9th and

   "So long and thanks for all the fish!" :-)

10th byte of unimplemented/unknown notifications may be insecure.
Also check the length of known notifications before accessing anything
behind the 8th byte.

Signed-off-by: Tobias Herzog <t-herzog@xxxxxx>

MBR, Sergei