linux

mirror of https://github.com/hardkernel/linux.git synced 2026-06-06 19:08:57 +09:00

Go to file

Navaneeth K 34620eb602 staging: rtl8723bs: fix stack buffer overflow in OnAssocReq IE parsing

commit 6ef0e1c10455927867cac8f0ed6b49f328f8cf95 upstream.

The Supported Rates IE length from an incoming Association Request frame
was used directly as the memcpy() length when copying into a fixed-size
16-byte stack buffer (supportRate). A malicious station can advertise an
IE length larger than 16 bytes, causing a stack buffer overflow.

Clamp ie_len to the buffer size before copying the Supported Rates IE,
and correct the bounds check when merging Extended Supported Rates to
prevent a second potential overflow.

This prevents kernel stack corruption triggered by malformed association
requests.

Signed-off-by: Navaneeth K <knavaneeth786@gmail.com>
Cc: stable <stable@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

2026-01-11 15:21:11 +01:00

arch

LoongArch: Mask all interrupts during kexec/kdump

2026-01-11 15:21:10 +01:00

block

blk-cgroup: fix possible deadlock while configuring policy

2025-11-24 10:29:22 +01:00

certs

sign-file,extract-cert: use pkcs11 provider for OPENSSL MAJOR >= 3

2025-04-25 10:45:58 +02:00

crypto

crypto: essiv - Check ssize for decryption and in-place encryption

2025-10-19 16:30:45 +02:00

Documentation

Documentation: process: Also mention Sasha Levin as stable tree maintainer

2026-01-11 15:21:06 +01:00

drivers

staging: rtl8723bs: fix stack buffer overflow in OnAssocReq IE parsing

2026-01-11 15:21:11 +01:00

bfs: Reconstruct file type when loading from disk

2026-01-11 15:21:09 +01:00

include

Revert "xfrm: destroy xfrm_state synchronously on net exit path"

2026-01-11 15:21:06 +01:00

init

init: handle bootloader identifier in kernel parameters

2025-10-19 16:30:50 +02:00

io_uring

io_uring: correct __must_hold annotation in io_install_fixed_file

2025-10-29 14:07:04 +01:00

ipc

ipc: fix to protect IPCS lookups using RCU

2025-06-27 11:08:49 +01:00

kernel

ftrace: bpf: Fix IPMODIFY + DIRECT in modify_ftrace_direct()

2026-01-11 15:21:08 +01:00

lib

maple_tree: fix tracepoint string pointers

2025-12-01 11:41:52 +01:00

LICENSES

LICENSES: Add the copyleft-next-0.3.1 license

2022-11-08 15:44:01 +01:00

mm/mempool: fix poisoning order>0 pages with HIGHMEM

2025-12-01 11:41:54 +01:00

net

xfrm: flush all states in xfrm_state_fini

2026-01-11 15:21:06 +01:00

rust

mm/ksm: fix flag-dropping behavior in ksm_madvise

2025-10-23 16:16:44 +02:00

samples

samples: work around glibc redefining some of our defines wrong

2026-01-11 15:21:10 +01:00

scripts

kconfig/nconf: Initialize the default locale at startup

2025-12-01 11:41:50 +01:00

security

ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr

2025-11-24 10:29:46 +01:00

sound

ALSA: usb-audio: Add native DSD quirks for PureAudio DAC series

2026-01-11 15:21:09 +01:00

tools

selftests: mptcp: join: properly kill background tasks

2025-12-07 06:18:54 +09:00

usr

kbuild: uapi: Strip comments before size type check

2025-11-24 10:29:49 +01:00

virt

KVM: Use dedicated mutex to protect kvm_usage_count to avoid deadlock

2024-10-04 16:29:47 +02:00

.clang-format

iommu: Add for_each_group_device()

2023-05-23 08:15:51 +02:00

.cocciconfig

scripts: add Linux .cocciconfig for coccinelle

2016-07-22 12:13:39 +02:00

.get_maintainer.ignore

get_maintainer: add Alan to .get_maintainer.ignore

2022-08-20 15:17:44 -07:00

.gitattributes

.gitattributes: set diff driver for Rust source code files

2023-05-31 17:48:25 +02:00

.gitignore

Remove *.orig pattern from .gitignore

2024-10-04 16:29:44 +02:00

.mailmap

Merge tag 'mm-hotfixes-stable-2023-10-24-09-40' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm

2023-10-24 09:52:16 -10:00

.rustfmt.toml

rust: add .rustfmt.toml

2022-09-28 09:02:20 +02:00

COPYING

COPYING: state that all contributions really are covered by this file

2020-02-10 13:32:20 -08:00

CREDITS

USB: Remove Wireless USB and UWB documentation

2023-08-09 14:17:32 +02:00

Kbuild

Merge tag 'kbuild-v6.1' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild

2022-10-10 12:00:45 -07:00

Kconfig

kbuild: ensure full rebuild when the compiler is updated

2020-05-12 13:28:33 +09:00

MAINTAINERS

staging: rtl8712: Remove driver using deprecated API wext

2025-12-07 06:18:54 +09:00

Makefile

Linux 6.6.119

2025-12-07 06:18:54 +09:00

README

Drop all 00-INDEX files from Documentation/

2018-09-09 15:08:58 -06:00

README

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.