Lee Gibson <leegib@xxxxxxxxx> wrote: > Function qtnf_event_handle_external_auth calls memcpy without > checking the length. > A user could control that length and trigger a buffer overflow. > Fix by checking the length is within the maximum allowed size. > > Signed-off-by: Lee Gibson <leegib@xxxxxxxxx> Patch applied to wireless-drivers-next.git, thanks. 130f634da1af qtnfmac: Fix possible buffer overflow in qtnf_event_handle_external_auth -- https://patchwork.kernel.org/project/linux-wireless/patch/20210419145842.345787-1-leegib@xxxxxxxxx/ https://wireless.wiki.kernel.org/en/developers/documentation/submittingpatches
