diff options
| author | Peter Hutterer <peter.hutterer@who-t.net> | 2023-12-21 13:48:10 +1000 |
|---|---|---|
| committer | José Expósito <jose.exposito89@gmail.com> | 2024-01-16 09:57:55 +0100 |
| commit | 8887cb1f27c72324b50383b644cefb960e21f5ff (patch) | |
| tree | c5c3bc7a7163013ef2629355471cdf33282c0e96 /render | |
| parent | 7173a8911ebeaa7c9c12bd64a2ba9c8685c6593c (diff) | |
Xi: when creating a new ButtonClass, set the number of buttons
There's a racy sequence where a master device may copy the button class
from the slave, without ever initializing numButtons. This leads to a
device with zero buttons but a button class which is invalid.
Let's copy the numButtons value from the source - by definition if we
don't have a button class yet we do not have any other slave devices
with more than this number of buttons anyway.
CVE-2024-0229, ZDI-CAN-22678
This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
(cherry picked from commit df3c65706eb169d5938df0052059f3e0d5981b74)
Diffstat (limited to 'render')
0 files changed, 0 insertions, 0 deletions