From mboxrd@z Thu Jan  1 00:00:00 1970
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Subject: USB: core: prevent malicious bNumInterfaces overflow
From: Greg KH <greg@kroah.com>
Message-Id: <20171213075107.GA23219@kroah.com>
Date: Wed, 13 Dec 2017 08:51:07 +0100
To: Peter Chen <hzpeterchen@gmail.com>
Cc: Alan Stern <stern@rowland.harvard.edu>, Andrey Konovalov <andreyknvl@google.com>, USB list <linux-usb@vger.kernel.org>
List-ID: <linux-usb.vger.kernel.org>

T24gV2VkLCBEZWMgMTMsIDIwMTcgYXQgMDk6Mjc6NDJBTSArMDgwMCwgUGV0ZXIgQ2hlbiB3cm90
ZToKPiBPbiBUdWUsIERlYyAxMiwgMjAxNyBhdCAwMjoyNToxM1BNIC0wNTAwLCBBbGFuIFN0ZXJu
IHdyb3RlOgo+ID4gQSBtYWxpY2lvdXMgVVNCIGRldmljZSB3aXRoIGNyYWZ0ZWQgZGVzY3JpcHRv
cnMgY2FuIGNhdXNlIHRoZSBrZXJuZWwKPiA+IHRvIGFjY2VzcyB1bmFsbG9jYXRlZCBtZW1vcnkg
Ynkgc2V0dGluZyB0aGUgYk51bUludGVyZmFjZXMgdmFsdWUgdG9vCj4gPiBoaWdoIGluIGEgY29u
ZmlndXJhdGlvbiBkZXNjcmlwdG9yLiAgQWx0aG91Z2ggdGhlIHZhbHVlIGlzIGFkanVzdGVkCj4g
PiBkdXJpbmcgcGFyc2luZywgdGhpcyBhZGp1c3RtZW50IGlzIHNraXBwZWQgaW4gb25lIG9mIHRo
ZSBlcnJvciByZXR1cm4KPiA+IHBhdGhzLgo+ID4gCj4gPiBUaGlzIHBhdGNoIHByZXZlbnRzIHRo
ZSBwcm9ibGVtIGJ5IHNldHRpbmcgYk51bUludGVyZmFjZXMgdG8gMAo+ID4gaW5pdGlhbGx5LiAg
VGhlIGV4aXN0aW5nIGNvZGUgYWxyZWFkeSBzZXRzIGl0IHRvIHRoZSBwcm9wZXIgdmFsdWUKPiA+
IGFmdGVyIHBhcnNpbmcgaXMgY29tcGxldGUuCj4gPiAKPiA+IFNpZ25lZC1vZmYtYnk6IEFsYW4g
U3Rlcm4gPHN0ZXJuQHJvd2xhbmQuaGFydmFyZC5lZHU+Cj4gPiBSZXBvcnRlZC1ieTogQW5kcmV5
IEtvbm92YWxvdiA8YW5kcmV5a252bEBnb29nbGUuY29tPgo+ID4gQ0M6IDxzdGFibGVAdmdlci5r
ZXJuZWwub3JnPgo+ID4gCj4gPiAtLS0KPiA+IAo+ID4gCj4gPiBbYXMxODU1XQo+ID4gCj4gPiAK
PiA+ICBkcml2ZXJzL3VzYi9jb3JlL2NvbmZpZy5jIHwgICAgNCArKystCj4gPiAgMSBmaWxlIGNo
YW5nZWQsIDMgaW5zZXJ0aW9ucygrKSwgMSBkZWxldGlvbigtKQo+ID4gCj4gPiBJbmRleDogdXNi
LTQueC9kcml2ZXJzL3VzYi9jb3JlL2NvbmZpZy5jCj4gPiA9PT09PT09PT09PT09PT09PT09PT09
PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Cj4gPiAtLS0gdXNi
LTQueC5vcmlnL2RyaXZlcnMvdXNiL2NvcmUvY29uZmlnLmMKPiA+ICsrKyB1c2ItNC54L2RyaXZl
cnMvdXNiL2NvcmUvY29uZmlnLmMKPiA+IEBAIC01NTUsNiArNTU1LDkgQEAgc3RhdGljIGludCB1
c2JfcGFyc2VfY29uZmlndXJhdGlvbihzdHJ1Ywo+ID4gIAl1bnNpZ25lZCBpYWRfbnVtID0gMDsK
PiA+ICAKPiA+ICAJbWVtY3B5KCZjb25maWctPmRlc2MsIGJ1ZmZlciwgVVNCX0RUX0NPTkZJR19T
SVpFKTsKPiA+ICsJbmludGYgPSBuaW50Zl9vcmlnID0gY29uZmlnLT5kZXNjLmJOdW1JbnRlcmZh
Y2VzOwo+ID4gKwljb25maWctPmRlc2MuYk51bUludGVyZmFjZXMgPSAwOwkvLyBBZGp1c3RlZCBs
YXRlcgo+ID4gKwo+IAo+IFRoZSBjb21tZW50IGZvcm1hdD8KCklzIGZpbmUsIEkndmUgZ2l2ZW4g
dXAgdGhhdCBmaWdodCA6KQoKZ3JlZyBrLWgKLS0tClRvIHVuc3Vic2NyaWJlIGZyb20gdGhpcyBs
aXN0OiBzZW5kIHRoZSBsaW5lICJ1bnN1YnNjcmliZSBsaW51eC11c2IiIGluCnRoZSBib2R5IG9m
IGEgbWVzc2FnZSB0byBtYWpvcmRvbW9Admdlci5rZXJuZWwub3JnCk1vcmUgbWFqb3Jkb21vIGlu
Zm8gYXQgIGh0dHA6Ly92Z2VyLmtlcm5lbC5vcmcvbWFqb3Jkb21vLWluZm8uaHRtbAo=