--- zzzz-none-000/linux-4.4.60/drivers/usb/class/cdc-acm.c 2017-04-08 07:53:53.000000000 +0000 +++ dragonfly-4020-701/linux-4.4.60/drivers/usb/class/cdc-acm.c 2018-11-08 13:36:17.000000000 +0000 @@ -1146,6 +1146,10 @@ elength = 1; goto next_desc; } + if ((buflen < elength) || (elength < 3)) { + dev_err(&intf->dev, "invalid descriptor buffer length\n"); + break; + } if (buffer[1] != USB_DT_CS_INTERFACE) { dev_err(&intf->dev, "skipping garbage\n"); goto next_desc;