averello/linux-stable-mirror
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2026-04-18 10:23:08 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
bd1be0d58b61ba4bf25fb3d8a820993ccfb1b2d6
linux-stable-mirror/drivers/net/usb
T
History
Ziyi Guo a488001a81 net: usb: catc: enable basic endpoint checking 
[ Upstream commit 9e7021d2ae ]

catc_probe() fills three URBs with hardcoded endpoint pipes without
verifying the endpoint descriptors:

  - usb_sndbulkpipe(usbdev, 1) and usb_rcvbulkpipe(usbdev, 1) for TX/RX
  - usb_rcvintpipe(usbdev, 2) for interrupt status

A malformed USB device can present these endpoints with transfer types
that differ from what the driver assumes.

Add a catc_usb_ep enum for endpoint numbers, replacing magic constants
throughout. Add usb_check_bulk_endpoints() and usb_check_int_endpoints()
calls after usb_set_interface() to verify endpoint types before use,
rejecting devices with mismatched descriptors at probe time.

Similar to
- commit 90b7f29617 ("net: usb: rtl8150: enable basic endpoint checking")
which fixed the issue in rtl8150.

Fixes: 1da177e4c3 ("Linux-2.6.12-rc2")
Suggested-by: Simon Horman <horms@kernel.org>
Signed-off-by: Ziyi Guo <n7l8m4@u.northwestern.edu>
Link: https://patch.msgid.link/20260212214154.3609844-1-n7l8m4@u.northwestern.edu
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2026-03-04 07:20:37 -05:00
..
aqc111.c
aqc111.h
asix_common.c
net: usb: asix: validate PHY address before use
2026-01-08 10:14:34 +01:00
asix_devices.c
net: usb: asix_devices: Check return value of usbnet_get_endpoints
2025-11-13 15:33:54 -05:00
asix.h
ax88172a.c
ax88179_178a.c
catc.c
net: usb: catc: enable basic endpoint checking
2026-03-04 07:20:37 -05:00
cdc_eem.c
cdc_ether.c
cdc_mbim.c
cdc_ncm.c
cdc_subset.c
cdc-phonet.c
ch9200.c
cx82310_eth.c
dm9601.c
net: usb: dm9601: remove broken SR9700 support
2026-01-30 10:28:38 +01:00
gl620a.c
hso.c
huawei_cdc_ncm.c
int51x1.c
ipheth.c
kalmia.c
kaweth.c
Kconfig
lan78xx.c
net: usb: lan78xx: fix use of improperly initialized dev->chipid in lan78xx_reset
2025-10-23 16:20:32 +02:00
lan78xx.h
lg-vl600.c
Makefile
mcs7830.c
net1080.c
pegasus.c
net: usb: pegasus: fix memory leak in update_eth_regs_async()
2026-01-17 16:31:25 +01:00
pegasus.h
plusb.c
qmi_wwan.c
net: usb: qmi_wwan: initialize MAC header offset in qmimux_rx_fixup
2025-11-13 15:34:38 -05:00
r8152.c
net: usb: r8152: fix resume reset deadlock
2026-02-11 13:40:26 +01:00
r8153_ecm.c
rndis_host.c
rtl8150.c
net: usb: rtl8150: fix memory leak on usb_submit_urb() failure
2026-01-08 10:14:33 +01:00
sierra_net.c
smsc75xx.c
smsc75xx.h
smsc95xx.c
smsc95xx.h
sr9700.c
net: usb: sr9700: support devices with virtual driver CD
2026-02-11 13:40:19 +01:00
sr9700.h
sr9800.c
sr9800.h
usbnet.c
usbnet: limit max_mtu based on device's hard_mtu
2026-01-30 10:28:42 +01:00
zaurus.c