On Wed, Aug 02, 2023 at 03:52:13PM +0530, Ashwin Dayanand Kamat wrote: > From: Wen Gong <wgong@xxxxxxxxxxxxxx> > > commit 0dc267b13f3a7e8424a898815dd357211b737330 upstream. > > TKIP Michael MIC was not verified properly for PCIe cases since the > validation steps in ieee80211_rx_h_michael_mic_verify() in mac80211 did > not get fully executed due to unexpected flag values in > ieee80211_rx_status. > > Fix this by setting the flags property to meet mac80211 expectations for > performing Michael MIC validation there. This fixes CVE-2020-26141. It > does the same as ath10k_htt_rx_proc_rx_ind_hl() for SDIO which passed > MIC verification case. This applies only to QCA6174/QCA9377 PCIe. > > Tested-on: QCA6174 hw3.2 PCI WLAN.RM.4.4.1-00110-QCARMSWP-1 > > Cc: stable@xxxxxxxxxxxxxxx > Signed-off-by: Wen Gong <wgong@xxxxxxxxxxxxxx> > Signed-off-by: Jouni Malinen <jouni@xxxxxxxxxxxxxx> > Link: https://lore.kernel.org/r/20210511200110.c3f1d42c6746.I795593fcaae941c471425b8c7d5f7bb185d29142@changeid > Signed-off-by: Johannes Berg <johannes.berg@xxxxxxxxx> > Signed-off-by: Ashwin Dayanand Kamat <kashwindayan@xxxxxxxxxx> > --- > drivers/net/wireless/ath/ath10k/htt_rx.c | 10 ++++++++++ > 1 file changed, 10 insertions(+) > Now queued up, thanks. greg k-h
