shinys000114/linux
1
0
Fork 0
mirror of https://github.com/hardkernel/linux.git synced 2026-04-04 04:03:04 +09:00
Code Issues Packages Projects Releases Wiki Activity
Files
57b0a08e34062361ba67fb9baa03ebbf5e3a620e
linux/drivers/net/wireless
History
Lior David 1c96def6ec wil6210: fix length check in __wmi_send 
[ Upstream commit 26a6d52748 ]

The current length check:
sizeof(cmd) + len > r->entry_size
will allow very large values of len (> U16_MAX - sizeof(cmd))
and can cause a buffer overflow. Fix the check to cover this case.
In addition, ensure the mailbox entry_size is not too small,
since this can also bypass the above check.

Signed-off-by: Lior David <qca_liord@qca.qualcomm.com>
Signed-off-by: Maya Erez <qca_merez@qca.qualcomm.com>
Signed-off-by: Kalle Valo <kvalo@qca.qualcomm.com>
Signed-off-by: Lee Jones <lee.jones@linaro.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2023-05-15 17:15:55 +09:00
..
admtek
adm80211: add checks for dma mapping errors
2017-11-30 08:39:13 +00:00
ath
wil6210: fix length check in __wmi_send
2023-05-15 17:15:55 +09:00
atmel
at76c50x-usb: Don't register led_trigger if usb_register_driver failed
2023-05-15 12:59:32 +09:00
broadcom
b43legacy: Fix -Wcast-function-type
2023-05-15 16:58:38 +09:00
cisco
airo: Add missing CAP_NET_ADMIN check in AIROOLDIOCTL/SIOCDEVPRIVATE
2023-05-15 16:54:50 +09:00
intel
iwlwifi: pcie: fix rb_allocator workqueue allocation
2023-05-15 17:01:03 +09:00
intersil
hostap: Adjust indentation in prism2_hostapd_add_sta
2023-05-15 16:59:37 +09:00
marvell
mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame()
2023-05-15 17:09:37 +09:00
mediatek
mt7601u: fix bbp version check in mt7601u_wait_bbp_ready
2023-05-15 16:42:32 +09:00
ralink
rt2x00: do not increment sequence number while re-transmitting
2023-05-15 12:27:57 +09:00
realtek
rtlwifi: rtl_pci: Fix -Wcast-function-type
2023-05-15 16:58:42 +09:00
rsi
rsi_91x_usb: fix interface sanity check
2023-05-15 16:53:48 +09:00
st
cw1200: Fix a signedness bug in cw1200_load_firmware()
2023-05-15 16:35:37 +09:00
ti
wlcore: Fix the return value in case of error in 'wlcore_vendor_cmd_smart_config_start()'
2023-05-15 15:18:42 +09:00
zydas
zd1211rw: fix storage endpoint lookup
2023-05-15 16:54:05 +09:00
Kconfig
ODROID: Move esp8089 driver to hardware directory.
2020-12-18 12:43:51 +09:00
mac80211_hwsim.c
mac80211_hwsim: Use kstrndup() in place of kasprintf()
2023-05-15 17:15:26 +09:00
mac80211_hwsim.h
drivers/wireless: use nla_put_u64_64bit()
2016-04-26 12:00:48 -04:00
Makefile
ODROID: Move esp8089 driver to hardware directory.
2020-12-18 12:43:51 +09:00
ray_cs.c
ray_cs: Avoid reading past end of buffer
2018-04-13 19:48:03 +02:00
ray_cs.h
ray_cs: Add include guards
2014-08-28 14:41:56 -04:00
rayctl.h
ray_cs: Add include guards
2014-08-28 14:41:56 -04:00
rndis_wlan.c
rndis_wlan: potential buffer overflow in rndis_wlan_auth_indication()
2023-05-15 08:29:09 +09:00
wl3501_cs.c
wl3501_cs: Add spinlock to wl3501_reset
2016-09-03 13:01:18 +03:00
wl3501.h