Patch "wifi: mac80211: don't parse mbssid in assoc response" has been added to the 5.10-stable tree

<gregkh@xxxxxxxxxxxxxxxxxxx> · Sat, 15 Oct 2022 17:27:35 +0200

This is a note to let you know that I've just added the patch titled

    wifi: mac80211: don't parse mbssid in assoc response

to the 5.10-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     wifi-mac80211-don-t-parse-mbssid-in-assoc-response.patch
and it can be found in the queue-5.10 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.


>From foo@baz Sat Oct 15 05:26:34 PM CEST 2022
From: Johannes Berg <johannes@xxxxxxxxxxxxxxxx>
Date: Fri, 14 Oct 2022 18:41:49 +0200
Subject: wifi: mac80211: don't parse mbssid in assoc response
To: linux-wireless@xxxxxxxxxxxxxxx, stable@xxxxxxxxxxxxxxx
Cc: Felix Fietkau <nbd@xxxxxxxx>, Thadeu Lima de Souza Cascardo <cascardo@xxxxxxxxxxxxx>, Marcus Meissner <meissner@xxxxxxx>, Jiri Kosina <jkosina@xxxxxxx>, Johannes Berg <johannes.berg@xxxxxxxxx>
Message-ID: <20221014184133.c1c3a823db3d.I6c0186979a2872e7f7da75f9f8f93b07046afcf2@changeid>

From: Johannes Berg <johannes.berg@xxxxxxxxx>

This is simply not valid and simplifies the next commit.
I'll make a separate patch for this in the current main
tree as well.

Signed-off-by: Johannes Berg <johannes.berg@xxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
 net/mac80211/mlme.c |    4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

--- a/net/mac80211/mlme.c
+++ b/net/mac80211/mlme.c
@@ -3300,7 +3300,7 @@ static bool ieee80211_assoc_success(stru
 	}
 	capab_info = le16_to_cpu(mgmt->u.assoc_resp.capab_info);
 	ieee802_11_parse_elems(pos, len - (pos - (u8 *)mgmt), false, elems,
-			       mgmt->bssid, assoc_data->bss->bssid);
+			       mgmt->bssid, NULL);
 
 	if (elems->aid_resp)
 		aid = le16_to_cpu(elems->aid_resp->aid);
@@ -3708,7 +3708,7 @@ static void ieee80211_rx_mgmt_assoc_resp
 		return;
 
 	ieee802_11_parse_elems(pos, len - (pos - (u8 *)mgmt), false, &elems,
-			       mgmt->bssid, assoc_data->bss->bssid);
+			       mgmt->bssid, NULL);
 
 	if (status_code == WLAN_STATUS_ASSOC_REJECTED_TEMPORARILY &&
 	    elems.timeout_int &&


Patches currently in stable-queue which might be from johannes@xxxxxxxxxxxxxxxx are

queue-5.10/wifi-mac80211-don-t-parse-mbssid-in-assoc-response.patch
queue-5.10/mac80211-mlme-find-auth-challenge-directly.patch
queue-5.10/wifi-mac80211-fix-mbssid-parsing-use-after-free.patch






