| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <fb7fac70-1d81-4dee-97ed-66c6a58720ca@kadam.mountain>
Date: Mon, 10 Jul 2023 09:08:27 +0300
From: Dan Carpenter <dan.carpenter@...aro.org>
To: Zhang Shurong <zhang_shurong@...mail.com>
Cc: gregkh@...uxfoundation.org, error27@...il.com, xu.panda@....com.cn,
linux-staging@...ts.linux.dev, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] staging: ks7010: potential buffer overflow in
ks_wlan_set_encode_ext()
On Sun, Jul 09, 2023 at 01:50:07PM +0800, Zhang Shurong wrote:
> The "exc->key_len" is a u16 that comes from the user. If it's over
> IW_ENCODING_TOKEN_MAX (64) that could lead to memory corruption.
>
> Fixes: b121d84882b9 ("staging: ks7010: simplify calls to memcpy()")
>
> Signed-off-by: Zhang Shurong <zhang_shurong@...mail.com>
Reviewed-by: Dan Carpenter <dan.carpenter@...aro.org>
regards,
dan carpenter
Powered by blists - more mailing lists