On Wed, 2014-07-09 at 16:55 +0300, Emmanuel Grumbach wrote: > From: Max Stepanov <Max.Stepanov@xxxxxxxxx> > > The NULL pointer access could happen when ieee80211_crypto_hw_decrypt > is called from ieee80211_rx_h_decrypt with the following condition: > 1. rx->key->conf.cipher is not WEP, CCMP, TKIP or AES_CMAC > 2. rx->sta is NULL > > When ieee80211_crypto_hw_decrypt is called, it verifies > rx->sta->cipher_scheme and it will cause Oops if rx->sta is NULL. > > This path adds an addirional rx->sta == NULL verification in > ieee80211_crypto_hw_decrypt for this case. Applied. johannes -- To unsubscribe from this list: send the line "unsubscribe linux-wireless" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
