Antti Antinoja <antti@xxxxxxxxxxx> writes:

> Please refer to:
>
> * https://grsecurity.net/the_life_of_a_bad_security_fix
> * https://github.com/torvalds/linux/commit/3d94a4a8373bf5f45cf5f939e88b8354dbf2311b#diff-c5e2f17b92b8e8f30306c5dd148d874f
>
> At quick glance it looks to me like the issue really is there: Not
> calling rcu_read_unlock() before return on line 237.

Ganapahti, can you send a fix for this? Remember to add to the commit log:

Fixes: 3d94a4a8373b ("mwifiex: fix possible heap overflow in mwifiex_process_country_ie()")

--
https://wireless.wiki.kernel.org/en/developers/documentation/submittingpatches