shinys000114/linux
1
0
Fork 0
mirror of https://github.com/hardkernel/linux.git synced 2026-04-02 03:03:00 +09:00
Code Issues Packages Projects Releases Wiki Activity
Files
eabf462c0bb2f2e7cdaecf39d760703ffe36ed50
linux/drivers/net
History
Lior David 1c96def6ec wil6210: fix length check in __wmi_send 
[ Upstream commit 26a6d52748 ]

The current length check:
sizeof(cmd) + len > r->entry_size
will allow very large values of len (> U16_MAX - sizeof(cmd))
and can cause a buffer overflow. Fix the check to cover this case.
In addition, ensure the mailbox entry_size is not too small,
since this can also bypass the above check.

Signed-off-by: Lior David <qca_liord@qca.qualcomm.com>
Signed-off-by: Maya Erez <qca_merez@qca.qualcomm.com>
Signed-off-by: Kalle Valo <kvalo@qca.qualcomm.com>
Signed-off-by: Lee Jones <lee.jones@linaro.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2023-05-15 17:15:55 +09:00
..
appletalk
net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT
2023-05-15 08:25:07 +09:00
arcnet
arcnet: provide a buffer big enough to actually receive packets
2023-05-15 14:32:17 +09:00
bonding
bonding/alb: make sure arp header is pulled before accessing it
2023-05-15 17:09:18 +09:00
caif
caif-hsi: fix possible deadlock in cfhsi_exit_module()
2023-05-15 14:03:16 +09:00
can
slcan: Don't transmit uninitialized stack data in padding
2023-05-15 17:13:08 +09:00
cris
treewide: replace dev->trans_start update with helper
2016-05-04 14:16:49 -04:00
dsa
net: dsa: bcm_sf2: Ensure correct sub-node is parsed
2023-05-15 17:13:06 +09:00
ethernet
qlcnic: Fix bad kzalloc null test
2023-05-15 17:13:45 +09:00
fddi
net: skfb: remove obsolete -I cflag
2016-06-15 22:06:06 -07:00
fjes
fjes: fix missed check in fjes_acpi_add
2023-05-15 16:20:18 +09:00
hamradio
6pack,mkiss: fix possible deadlock
2023-05-15 16:21:39 +09:00
hippi
hippi: Fix a Fix a possible sleep-in-atomic bug in rr_close
2018-02-25 11:05:50 +01:00
hyperv
hv_netvsc: Fix IP header checksum for coalesced packets
2023-05-15 11:49:53 +09:00
ieee802154
ieee802154: atusb: fix use-after-free at disconnect
2023-05-15 14:47:44 +09:00
ipvlan
ipvlan: don't deref eth hdr before checking it's set
2023-05-15 17:09:14 +09:00
irda
irda: vlsi_ir: fix check for DMA mapping errors
2017-12-25 14:23:41 +01:00
phy
net: phy: micrel: kszphy_resume(): add delay after genphy_resume() before accessing PHY registers
2023-05-15 17:13:10 +09:00
plip
ppp
ppp: Adjust indentation into ppp_async_input
2023-05-15 16:56:24 +09:00
slip
slip: make slhc_compress() more robust against malicious packets
2023-05-15 17:09:17 +09:00
team
team: add missing attribute validation for array index
2023-05-15 17:09:07 +09:00
usb
r8152: check disconnect status after long sleep
2023-05-15 17:08:59 +09:00
vmxnet3
vmxnet3: use DMA memory barriers where required
2018-05-25 16:12:56 +02:00
wan
wan: ixp4xx_hss: fix compile-testing on 64-bit
2023-05-15 16:59:04 +09:00
wimax
wimax: i2400: Fix memory leak in i2400m_op_rfkill_sw_toggle
2023-05-15 16:34:04 +09:00
wireless
wil6210: fix length check in __wmi_send
2023-05-15 17:15:55 +09:00
xen-netback
net: xen-netback: fix return type of ndo_start_xmit function
2023-05-15 15:11:16 +09:00
dummy.c
eql.c
geneve.c
geneve: add missing rx stats accounting
2018-04-13 19:48:26 +02:00
gtp.c
gtp: use __GFP_NOWARN to avoid memalloc warning
2023-05-15 16:55:15 +09:00
ifb.c
ifb: support more features
2016-05-09 00:00:28 -04:00
Kconfig
vmxnet3: prevent building with 64K pages
2018-02-25 11:05:51 +01:00
LICENSE.SRC
loopback.c
net: introduce device min_header_len
2017-02-18 15:11:43 +01:00
macsec.c
macsec: restrict to ethernet devices
2023-05-15 17:11:19 +09:00
macvlan.c
macvlan: add cond_resched() during multicast processing
2023-05-15 17:09:15 +09:00
macvtap.c
tap: double-free in error path in tap_open()
2017-11-18 11:22:22 +01:00
Makefile
gtp: add initial driver for datapath of GPRS Tunneling Protocol (GTP-U)
2016-05-10 12:25:04 -04:00
mdio.c
mii.c
netconsole.c
nlmon.c
ntb_netdev.c
ntb_netdev: fix sleep time mismatch
2023-05-15 15:18:33 +09:00
rionet.c
rapidio/rionet: do not free skb before reading its length
2023-05-15 10:05:03 +09:00
sb1000.c
Space.c
net: Fix coding style warnings and errors.
2016-05-19 11:48:27 -07:00
sungem_phy.c
tun.c
tuntap: correctly set SOCKWQ_ASYNC_NOSPACE
2023-05-15 17:02:04 +09:00
veth.c
veth: set peer GSO values
2018-03-22 09:17:57 +01:00
virtio_net.c
virtio-net: Fix operstate for virtio when no VIRTIO_NET_F_STATUS
2018-05-30 07:50:44 +02:00
vrf.c
vrf: make sure skb->data contains ip header to make routing
2023-05-15 14:04:23 +09:00
vxlan.c
vxlan: check return value of gro_cells_init()
2023-05-15 17:11:26 +09:00
xen-netfront.c
xen-netfront: do not use ~0U as error return value for xennet_fill_frags()
2023-05-15 14:41:36 +09:00