Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12:Update
xen.10697
CVE-2016-2392-qemuu-usb-null-pointer-dereferenc...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2016-2392-qemuu-usb-null-pointer-dereference-in-NDIS-message-handling.patch of Package xen.10697
References: bsc#967090 CVE-2016-2392 When processing remote NDIS control message packets, the USB Net device emulator checks to see if the USB configuration descriptor object is of RNDIS type(2). But it does not check if it is null, which leads to a null dereference error. Add check to avoid it. Reported-by: Qinghao Tang <address@hidden> Signed-off-by: Prasad J Pandit <address@hidden> --- hw/usb/dev-network.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) Index: xen-4.4.4-testing/tools/qemu-xen-dir-remote/hw/usb/dev-network.c =================================================================== --- xen-4.4.4-testing.orig/tools/qemu-xen-dir-remote/hw/usb/dev-network.c +++ xen-4.4.4-testing/tools/qemu-xen-dir-remote/hw/usb/dev-network.c @@ -651,7 +651,8 @@ typedef struct USBNetState { static int is_rndis(USBNetState *s) { - return s->dev.config->bConfigurationValue == DEV_RNDIS_CONFIG_VALUE; + return s->dev.config ? + s->dev.config->bConfigurationValue == DEV_RNDIS_CONFIG_VALUE : 0; } static int ndis_query(USBNetState *s, uint32_t oid,
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor