lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <2026020709-breeder-delicacy-91bf@gregkh>
Date: Sat, 7 Feb 2026 14:07:49 +0100
From: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To: Luka Gejak <lukagejak5@...il.com>
Cc: Dan Carpenter <dan.carpenter@...aro.org>, linux-staging@...ts.linux.dev,
	linux-kernel@...r.kernel.org, stable@...r.kernel.org
Subject: Re: [PATCH v6 1/5] staging: rtl8723bs: fix potential out-of-bounds
 read in  rtw_restruct_wmm_ie

On Fri, Jan 30, 2026 at 07:56:54PM +0100, Luka Gejak wrote:
> The current code checks 'i + 5 < in_len' at the end of the if statement.
> However, it accesses 'in_ie[i + 5]' before that check, which can lead
> to an out-of-bounds read. Move the length check to the beginning of the
> conditional to ensure the index is within bounds before accessing the
> array.
> 
> Fixes: 554c0a3abf21 ("staging: Add rtl8723bs sdio wifi driver")
> Cc: stable@...r.kernel.org
> Signed-off-by: Luka Gejak <lukagejak5@...il.com>
> ---
>  drivers/staging/rtl8723bs/core/rtw_mlme.c | 5 ++++-
>  1 file changed, 4 insertions(+), 1 deletion(-)

Nit, you have an exta ' ' in the subject line :(

I'll take it, just be more careful next time please.

thanks,

greg k-h

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ