This is a note to let you know that I've just added the patch titled cfg80211: scan: drop entry from hidden_list on overflow to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: cfg80211-scan-drop-entry-from-hidden_list-on-overflow.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable@xxxxxxxxxxxxxxx> know about it. >From 010bfbe768f7ecc876ffba92db30432de4997e2a Mon Sep 17 00:00:00 2001 From: Johannes Berg <johannes.berg@xxxxxxxxx> Date: Fri, 16 Apr 2021 09:42:14 +0200 Subject: cfg80211: scan: drop entry from hidden_list on overflow From: Johannes Berg <johannes.berg@xxxxxxxxx> commit 010bfbe768f7ecc876ffba92db30432de4997e2a upstream. If we overflow the maximum number of BSS entries and free the new entry, drop it from any hidden_list that it may have been added to in the code above or in cfg80211_combine_bsses(). Reported-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx> Link: https://lore.kernel.org/r/20210416094212.5de7d1676ad7.Ied283b0bc5f504845e7d6ab90626bdfa68bb3dc0@changeid Cc: stable@xxxxxxxxxxxxxxx Signed-off-by: Johannes Berg <johannes.berg@xxxxxxxxx> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> --- net/wireless/scan.c | 2 ++ 1 file changed, 2 insertions(+) --- a/net/wireless/scan.c +++ b/net/wireless/scan.c @@ -1033,6 +1033,8 @@ cfg80211_bss_update(struct cfg80211_regi if (rdev->bss_entries >= bss_entries_limit && !cfg80211_bss_expire_oldest(rdev)) { + if (!list_empty(&new->hidden_list)) + list_del(&new->hidden_list); kfree(new); goto drop; } Patches currently in stable-queue which might be from johannes.berg@xxxxxxxxx are queue-4.14/cfg80211-scan-drop-entry-from-hidden_list-on-overflow.patch