diff --git a/ims-pcu-sanity-check-against-missing-interfaces.patch b/ims-pcu-sanity-check-against-missing-interfaces.patch
new file mode 100644
index 0000000..827a2b7
--- /dev/null
+++ b/ims-pcu-sanity-check-against-missing-interfaces.patch
@@ -0,0 +1,39 @@
+From a4200b7eb26271108586d3a7cf34a2f16d460e48 Mon Sep 17 00:00:00 2001
+From: Oliver Neukum <oneukum@suse.com>
+Date: Thu, 17 Mar 2016 15:10:47 +0100
+Subject: [PATCH] ims-pcu: sanity check against missing interfaces
+
+A malicious device missing interface can make the driver oops.
+Add sanity checking.
+
+Signed-off-by: Oliver Neukum <ONeukum@suse.com>
+CC: stable@vger.kernel.org
+---
+ drivers/input/misc/ims-pcu.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/drivers/input/misc/ims-pcu.c b/drivers/input/misc/ims-pcu.c
+index ac1fa5f44580..9c0ea36913b4 100644
+--- a/drivers/input/misc/ims-pcu.c
++++ b/drivers/input/misc/ims-pcu.c
+@@ -1663,6 +1663,8 @@ static int ims_pcu_parse_cdc_data(struct usb_interface *intf, struct ims_pcu *pc
+ 
+ 	pcu->ctrl_intf = usb_ifnum_to_if(pcu->udev,
+ 					 union_desc->bMasterInterface0);
++	if (!pcu->ctrl_intf)
++		return -EINVAL;
+ 
+ 	alt = pcu->ctrl_intf->cur_altsetting;
+ 	pcu->ep_ctrl = &alt->endpoint[0].desc;
+@@ -1670,6 +1672,8 @@ static int ims_pcu_parse_cdc_data(struct usb_interface *intf, struct ims_pcu *pc
+ 
+ 	pcu->data_intf = usb_ifnum_to_if(pcu->udev,
+ 					 union_desc->bSlaveInterface0);
++	if (!pcu->data_intf)
++		return -EINVAL;
+ 
+ 	alt = pcu->data_intf->cur_altsetting;
+ 	if (alt->desc.bNumEndpoints != 2) {
+-- 
+2.5.0
+
diff --git a/kernel.spec b/kernel.spec
index 197f9e1..5646e21 100644
--- a/kernel.spec
+++ b/kernel.spec
@@ -649,6 +649,8 @@ Patch676: cdc-acm-more-sanity-checking.patch
 #CVE-2016-3140 rhbz 1317010 1316995
 Patch677: digi_acceleport-do-sanity-checking-for-the-number-of.patch
 
+Patch678: ims-pcu-sanity-check-against-missing-interfaces.patch
+
 # END OF PATCH DEFINITIONS
 
 %endif
@@ -2171,6 +2173,7 @@ fi
 # 
 %changelog
 * Fri Mar 18 2016 Josh Boyer <jwboyer@fedoraproject.org>
+- ims-pcu: sanity checking on missing interfaces
 - CVE-2016-3140 digi_acceleport: oops on invalid USB descriptors (rhbz 1317010 1316995)
 - CVE-2016-3138 cdc_acm: oops on invalid USB descriptors (rhbz 1317010 1316204)
 - CVE-2016-2185 ati_remote2: oops on invalid USB descriptors (rhbz 1317014 1317471)