subject:"\[PATCH 4.4 13\/25\] scsi\: arcmsr\: Buffer overflow in arcmsr_iop_message_xfer\(\)"

[PATCH 4.4 13/25] scsi: arcmsr: Buffer overflow in arcmsr_iop_message_xfer()

2016-10-21 Thread Greg Kroah-Hartman

4.4-stable review patch. If anyone has any objections, please let me know. -- From: Dan Carpenter commit 7bc2b55a5c030685b399bb65b6baa9ccc3d1f167 upstream. We need to put an upper bound on "user_len" so the memcpy() doesn't overflow. Reported-by:

[PATCH 4.4 13/25] scsi: arcmsr: Buffer overflow in arcmsr_iop_message_xfer()

2016-10-21 Thread Greg Kroah-Hartman

4.4-stable review patch. If anyone has any objections, please let me know. -- From: Dan Carpenter commit 7bc2b55a5c030685b399bb65b6baa9ccc3d1f167 upstream. We need to put an upper bound on "user_len" so the memcpy() doesn't overflow. Reported-by: Marco Grassi Signed-off-by: