Search Linux Wireless

Re: [PATCH v2] rtlwifi: Fix potential overflow on P2P code

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Pkshih <pkshih@xxxxxxxxxxx> writes:

> On Fri, 2019-10-18 at 07:43 -0400, Laura Abbott wrote:
>> Nicolas Waisman noticed that even though noa_len is checked for
>> a compatible length it's still possible to overrun the buffers
>> of p2pinfo since there's no check on the upper bound of noa_num.
>> Bound noa_num against P2P_MAX_NOA_NUM.
>> 
>> Reported-by: Nicolas Waisman <nico@xxxxxxxxxx>
>> Signed-off-by: Laura Abbott <labbott@xxxxxxxxxx>
>
> Acked-by: Ping-Ke Shih <pkshih@xxxxxxxxxxx>
> and Please CC to stable
> Cc: Stable <stable@xxxxxxxxxxxxxxx> # 4.4+
>
> ---
>
> Hi Kalle,
>
> This bug was existing since v3.10, and directory of wireless drivers were
> moved at v4.4. Do I need send another patch to fix this issue for longterm
> kernel v3.16.75?

Yeah, I think you need to send a separate patch to the stable list
(after this commit is in Linus' tree).

-- 
https://wireless.wiki.kernel.org/en/developers/documentation/submittingpatches



[Index of Archives]     [Linux Host AP]     [ATH6KL]     [Linux Wireless Personal Area Network]     [Linux Bluetooth]     [Wireless Regulations]     [Linux Netdev]     [Kernel Newbies]     [Linux Kernel]     [IDE]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite Hiking]     [MIPS Linux]     [ARM Linux]     [Linux RAID]

  Powered by Linux