1 files changed, 0 insertions, 49 deletions

diff --git a/recipes-kernel/linux/files/HID_CVE_patches/0013-HID-picolcd_core-validate-output-report-details.patch b/recipes-kernel/linux/files/HID_CVE_patches/0013-HID-picolcd_core-validate-output-report-details.patch
deleted file mode 100644
index 7abf193..0000000
--- a/recipes-kernel/linux/files/HID_CVE_patches/0013-HID-picolcd_core-validate-output-report-details.patch
+++ /dev/null
@@ -1,49 +0,0 @@
-From 1e87a2456b0227ca4ab881e19a11bb99d164e792 Mon Sep 17 00:00:00 2001
-From: Kees Cook <keescook@chromium.org>
-Date: Wed, 28 Aug 2013 22:31:52 +0200
-Subject: [PATCH] HID: picolcd_core: validate output report details
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-A HID device could send a malicious output report that would cause the
-picolcd HID driver to trigger a NULL dereference during attr file writing.
-
-[jkosina@suse.cz: changed
-
-        report->maxfield < 1
-
-to
-
-        report->maxfield != 1
-
-as suggested by Bruno].
-
-CVE-2013-2899
-
-Signed-off-by: Kees Cook <keescook@chromium.org>
-Cc: stable@kernel.org
-Reviewed-by: Bruno Prémont <bonbons@linux-vserver.org>
-Acked-by: Bruno Prémont <bonbons@linux-vserver.org>
-Signed-off-by: Jiri Kosina <jkosina@suse.cz>
-Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
----
- drivers/hid/hid-picolcd_core.c |    2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/drivers/hid/hid-picolcd_core.c b/drivers/hid/hid-picolcd_core.c
-index b48092d..acbb0210 100644
---- a/drivers/hid/hid-picolcd_core.c
-+++ b/drivers/hid/hid-picolcd_core.c
-@@ -290,7 +290,7 @@ static ssize_t picolcd_operation_mode_store(struct device *dev,
-                buf += 10;
-                cnt -= 10;
-        }
--       if (!report)
-+       if (!report || report->maxfield != 1)
-                return -EINVAL;
- 
-        while (cnt > 0 && (buf[cnt-1] == '\n' || buf[cnt-1] == '\r'))
--- 
-1.7.9.5
-