Brian Norris <briannorris@xxxxxxxxxxxx> writes:
> On Mon, Jan 6, 2020 at 2:43 PM Brian Norris <briannorris@xxxxxxxxxxxx> wrote:
>>
>> We called rcu_read_lock(), so we need to call rcu_read_unlock() before
>> we return.
>>
>> Fixes: 3d94a4a8373b ("mwifiex: fix possible heap overflow in mwifiex_process_country_ie()")
>> Cc: stable@xxxxxxxxxxxxxxx
>> Cc: huangwen <huangwenabc@xxxxxxxxx>
>> Cc: Ganapathi Bhat <ganapathi.bhat@xxxxxxx>
>> Signed-off-by: Brian Norris <briannorris@xxxxxxxxxxxx>
>
> I probably should have mentioned somewhere here: the bug is currently
> in 5.5-rc and is being ported to -stable already (I'll try to head
> that off). So this probably should have said [PATCH 5.5]. Sorry about
> that.
Ok, I'll queue this to v5.5.
--
https://wireless.wiki.kernel.org/en/developers/documentation/submittingpatches
