| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <tencent_7D179E301BED4B391BC12537BA47BB6D3308@qq.com>
Date: Tue, 8 Apr 2025 22:30:05 +0800
From: Edward Adam Davis <eadavis@...com>
To: syzbot+00778a9a557a2a5e1a33@...kaller.appspotmail.com
Cc: linux-kernel@...r.kernel.org,
syzkaller-bugs@...glegroups.com
Subject: Re: [syzbot] [wireless?] general protection fault in cfg80211_mlme_deauth
#syz test
diff --git a/net/wireless/sme.c b/net/wireless/sme.c
index cf998500a965..916c9e8fea15 100644
--- a/net/wireless/sme.c
+++ b/net/wireless/sme.c
@@ -268,6 +268,12 @@ void cfg80211_conn_work(struct work_struct *work)
if (wdev->conn->params.bssid) {
memcpy(bssid_buf, wdev->conn->params.bssid, ETH_ALEN);
bssid = bssid_buf;
+ } else {
+ if (wdev->conn->state == CFG80211_CONN_ASSOC_FAILED && wdev->conn->bssid) {
+ wdev->conn->params.bssid = wdev->conn->bssid;
+ memcpy(bssid_buf, wdev->conn->bssid, ETH_ALEN);
+ bssid = bssid_buf;
+ }
}
treason = NL80211_TIMEOUT_UNSPECIFIED;
if (cfg80211_conn_do_work(wdev, &treason)) {
@@ -411,6 +417,8 @@ bool cfg80211_sme_rx_assoc_resp(struct wireless_dev *wdev, u16 status)
return true;
}
+ printk("bssid: %p, pbssid: %p, dis bssid: %p, %s\n",
+ wdev->conn->bssid, wdev->conn->params.bssid, wdev->disconnect_bssid, __func__);
wdev->conn->state = CFG80211_CONN_ASSOC_FAILED;
schedule_work(&rdev->conn_work);
return false;
Powered by blists - more mailing lists