opnsense-src

mirror of https://github.com/opnsense/src.git synced 2026-06-22 06:59:37 -04:00

History

Pierre Pronchery 152bb8e302 umb: avoid buffer overflow in umb_getinfobuf() umb_getinfobuf() is called with offs and size taken from messages sent by the USB device. The sanity check is not sufficient, due to a possible integer wrap. This can allow a broken or malicious USB device, or possibly the network operator, to cause a buffer overflow. This fix from Gerhard Roth was obtained after coordination upstream with OpenBSD. It converts the variables to 64-bit integers, which should mitigate the risk of overflows. PR: 284906 Reported by: Robert Morris <rtm@lcs.mit.edu> Approved by: philip (mentor) Sponsored by: The FreeBSD Foundation		2025-05-29 15:07:54 +02:00
..
if_aue.c	usb: Kill left-over cdefs.h includes	2025-03-04 14:44:22 -07:00
if_auereg.h	sys: Remove $FreeBSD$: two-line .h pattern	2023-08-16 11:54:11 -06:00
if_axe.c	usb: Kill left-over cdefs.h includes	2025-03-04 14:44:22 -07:00
if_axereg.h	sys: Remove $FreeBSD$: two-line .h pattern	2023-08-16 11:54:11 -06:00
if_axge.c	usb: Kill left-over cdefs.h includes	2025-03-04 14:44:22 -07:00
if_axgereg.h	axge: Add support for AX88179A	2023-10-04 11:08:06 -04:00
if_cdce.c	usb: Kill left-over cdefs.h includes	2025-03-04 14:44:22 -07:00
if_cdceem.c	usb: Kill left-over cdefs.h includes	2025-03-04 14:44:22 -07:00
if_cdcereg.h	sys: Remove $FreeBSD$: two-line .h pattern	2023-08-16 11:54:11 -06:00
if_cue.c	usb: Kill left-over cdefs.h includes	2025-03-04 14:44:22 -07:00
if_cuereg.h	sys: Remove $FreeBSD$: two-line .h pattern	2023-08-16 11:54:11 -06:00
if_ipheth.c	usb: Kill left-over cdefs.h includes	2025-03-04 14:44:22 -07:00
if_iphethvar.h	sys: Remove $FreeBSD$: one-line .c comment pattern	2023-08-16 11:54:24 -06:00
if_kue.c	usb: Kill left-over cdefs.h includes	2025-03-04 14:44:22 -07:00
if_kuefw.h	sys: Remove $FreeBSD$: two-line .h pattern	2023-08-16 11:54:11 -06:00
if_kuereg.h	sys: Remove $FreeBSD$: two-line .h pattern	2023-08-16 11:54:11 -06:00
if_mos.c	usb/if_mos.c: Fix incorrect SPDX ID	2025-05-28 17:08:00 -04:00
if_mosreg.h	sys: Remove $FreeBSD$: one-line .c comment pattern	2023-08-16 11:54:24 -06:00
if_muge.c	usb: Kill left-over cdefs.h includes	2025-03-04 14:44:22 -07:00
if_mugereg.h	sys: Remove $FreeBSD$: two-line .h pattern	2023-08-16 11:54:11 -06:00
if_rue.c	usb: Kill left-over cdefs.h includes	2025-03-04 14:44:22 -07:00
if_ruereg.h	sys: Remove $FreeBSD$: two-line .h pattern	2023-08-16 11:54:11 -06:00
if_smsc.c	usb: Kill left-over cdefs.h includes	2025-03-04 14:44:22 -07:00
if_smscreg.h	sys: Remove $FreeBSD$: two-line .h pattern	2023-08-16 11:54:11 -06:00
if_udav.c	usb: Kill left-over cdefs.h includes	2025-03-04 14:44:22 -07:00
if_udavreg.h	sys: Remove $FreeBSD$: one-line .c comment pattern	2023-08-16 11:54:24 -06:00
if_umb.c	umb: avoid buffer overflow in umb_getinfobuf()	2025-05-29 15:07:54 +02:00
if_umbreg.h	umb: Introduce the USB umb(4) network driver	2025-01-20 23:46:15 +00:00
if_ure.c	usb: if_ure: stop touching the mbuf accounting on rxq insertion	2025-04-20 13:28:12 -05:00
if_urereg.h	sys: Remove $FreeBSD$: two-line .h pattern	2023-08-16 11:54:11 -06:00
if_urndis.c	usb: Kill left-over cdefs.h includes	2025-03-04 14:44:22 -07:00
if_urndisreg.h	sys: Remove $FreeBSD$: one-line .c comment pattern	2023-08-16 11:54:24 -06:00
if_usie.c	if_usie: fix typo	2024-09-22 00:56:37 +02:00
if_usievar.h	sys: Remove $FreeBSD$: one-line .c comment pattern	2023-08-16 11:54:24 -06:00
mbim.h	umb: Introduce the USB umb(4) network driver	2025-01-20 23:46:15 +00:00
ruephy.c	usb: Kill left-over cdefs.h includes	2025-03-04 14:44:22 -07:00
ruephyreg.h	sys: Remove $FreeBSD$: two-line .h pattern	2023-08-16 11:54:11 -06:00
uhso.c	net: Remove unneeded NULL check for the allocated ifnet	2024-06-28 18:16:29 +08:00
usb_ethernet.c	usb: if_ure: stop touching the mbuf accounting on rxq insertion	2025-04-20 13:28:12 -05:00
usb_ethernet.h	sys: Remove $FreeBSD$: one-line .c comment pattern	2023-08-16 11:54:24 -06:00