Subject: USB: core: prevent malicious bNumInterfaces overflow
From: Greg KH
Message-Id: <20171213112808.GA25196@kroah.com>
Date: Wed, 13 Dec 2017 12:28:08 +0100
To: Alan Stern
Cc: Andrey Konovalov, USB list

On Tue, Dec 12, 2017 at 02:25:13PM -0500, Alan Stern wrote:
> A malicious USB device with crafted descriptors can cause the kernel
> to access unallocated memory by setting the bNumInterfaces value too
> high in a configuration descriptor.  Although the value is adjusted
> during parsing, this adjustment is skipped in one of the error return
> paths.
> 
> This patch prevents the problem by setting bNumInterfaces to 0
> initially.  The existing code already sets it to the proper value
> after parsing is complete.
> 
> Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
> Reported-by: Andrey Konovalov <andreyknvl@google.com>
> CC: <stable@vger.kernel.org>
> 
> ---
> 
> 
> [as1855]
> 
> 
>  drivers/usb/core/config.c |    4 +++-
>  1 file changed, 3 insertions(+), 1 deletion(-)
> 
> Index: usb-4.x/drivers/usb/core/config.c
> ===================================================================
> --- usb-4.x.orig/drivers/usb/core/config.c
> +++ usb-4.x/drivers/usb/core/config.c
> @@ -555,6 +555,9 @@ static int usb_parse_configuration(struc
>  	unsigned iad_num = 0;
>  
>  	memcpy(&config->desc, buffer, USB_DT_CONFIG_SIZE);
> +	nintf = nintf_orig = config->desc.bNumInterfaces;
> +	config->desc.bNumInterfaces = 0;	// Adjusted later
> +
>  	if (config->desc.bDescriptorType != USB_DT_CONFIG ||
>  	    config->desc.bLength < USB_DT_CONFIG_SIZE ||
>  	    config->desc.bLength > size) {
> @@ -568,7 +571,6 @@ static int usb_parse_configuration(struc
>  	buffer += config->desc.bLength;
>  	size -= config->desc.bLength;
>  
> -	nintf = nintf_orig = config->desc.bNumInterfaces;

Ugh, I tried to find this place to do this, but couldn't.  Nice job,
I'll revert my patch and apply yours instead, thanks for this.

greg k-h
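
Review bot: the added line `config->desc.bNumInterfaces = 0;	// Adjusted later` in the first hunk of usb_parse_configuration() uses a C99 `//` comment, where kernel coding style asks for `/* ... */`. Since this zeroing is the whole fix, the comment could also say why it is there, for example that error returns must not leave the device-supplied count in config->desc, rather than only "Adjusted later".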
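
A simplified model of the ordering problem described in the quoted commit message, added here as an illustration; it is not kernel code and not part of the patch. The names `parse_config`, `stale_slots`, `MAX_INTF`, the `allocated` field and both sample descriptors are constructed for this example.

```c
#include <stdint.h>
#include <string.h>

#define DT_CONFIG      2   /* configuration descriptor type */
#define DT_CONFIG_SIZE 9   /* size of the fixed header */
#define MAX_INTF       32  /* assumed cap, chosen for this model */

struct cfg_desc {          /* all single bytes, so no padding: 9 bytes */
    uint8_t bLength, bDescriptorType, wTotalLength[2], bNumInterfaces,
            bConfigurationValue, iConfiguration, bmAttributes, bMaxPower;
};
struct config {
    struct cfg_desc desc;
    unsigned allocated;    /* interface slots the parser really set up */
};

/* Constructed samples: wrong type byte with count 0xff, and a sane header. */
static const uint8_t bad_desc[9]  = { 9, 0x04, 9, 0, 0xff, 1, 0, 0x80, 50 };
static const uint8_t good_desc[9] = { 9, DT_CONFIG, 9, 0, 2, 1, 0, 0x80, 50 };

/* zero_first = 0 models the old ordering, 1 the patched ordering. */
static int parse_config(struct config *c, const uint8_t *buf, size_t size,
                        int zero_first)
{
    unsigned nintf;
    memset(c, 0, sizeof(*c));
    if (size < DT_CONFIG_SIZE)
        return -1;
    memcpy(&c->desc, buf, DT_CONFIG_SIZE);
    nintf = c->desc.bNumInterfaces;
    if (zero_first)
        c->desc.bNumInterfaces = 0;        /* adjusted below on success */
    if (c->desc.bDescriptorType != DT_CONFIG ||
        c->desc.bLength < DT_CONFIG_SIZE || c->desc.bLength > size)
        return -1;                         /* error return: nothing set up */
    if (nintf > MAX_INTF)
        nintf = MAX_INTF;
    c->allocated = nintf;
    c->desc.bNumInterfaces = (uint8_t)nintf;
    return 0;
}

/* Entries a consumer trusting bNumInterfaces would walk past the end. */
static unsigned stale_slots(const struct config *c)
{
    return c->desc.bNumInterfaces - c->allocated;
}
```

With the old ordering the rejected descriptor still leaves the device-supplied count in `desc`, which is the state any later code that loops over `bNumInterfaces` would inherit; with the patched ordering the count is 0 on every error return.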