Oliver Neukum 8df672bfe3 usb: class: cdc-wdm: fix reordering issue in read code path ... Quoting the bug report: Due to compiler optimization or CPU out-of-order execution, the desc->length update can be reordered before the memmove. If this happens, wdm_read() can see the new length and call copy_to_user() on uninitialized memory. This also violates LKMM data race rules [1]. Fix it by using WRITE_ONCE and memory barriers. Fixes: afba937e54 ("USB: CDC WDM driver") Cc: stable <stable@kernel.org> Signed-off-by: Oliver Neukum <oneukum@suse.com> Closes: https://lore.kernel.org/linux-usb/CALbr=LbrUZn_cfp7CfR-7Z5wDTHF96qeuM=3fO2m-q4cDrnC4A@mail.gmail.com/ Reported-by: Gui-Dong Han <hanguidong02@gmail.com> Reviewed-by: Gui-Dong Han <hanguidong02@gmail.com> Link: https://patch.msgid.link/20260304130116.1721682-1-oneukum@suse.com Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>		2026-03-11 16:18:31 +01:00
..
Kconfig	treewide: replace '---help---' in Kconfig files with 'help'	2020-06-14 01:57:21 +09:00
Makefile	USB: add SPDX identifiers to all remaining Makefiles	2017-11-07 15:53:48 +01:00
cdc-acm.c	usb: cdc-acm: Restore CAP_BRK functionnality to CH343	2026-03-11 16:17:55 +01:00
cdc-acm.h	usb: cdc-acm: Restore CAP_BRK functionnality to CH343	2026-03-11 16:17:55 +01:00
cdc-wdm.c	usb: class: cdc-wdm: fix reordering issue in read code path	2026-03-11 16:18:31 +01:00
usblp.c	Convert 'alloc_obj' family to use the new default GFP_KERNEL argument	2026-02-21 17:09:51 -08:00
usbtmc.c	USB: usbtmc: Use usb_bulk_msg_killable() with user-specified timeouts	2026-03-11 16:16:56 +01:00