| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 19 Oct 2019 13:57:31 +0300
From: Kalle Valo <kvalo@...eaurora.org>
To: Pkshih <pkshih@...ltek.com>
Cc: "labbott\@redhat.com" <labbott@...hat.com>,
"linux-wireless\@vger.kernel.org" <linux-wireless@...r.kernel.org>,
"davem\@davemloft.net" <davem@...emloft.net>,
"netdev\@vger.kernel.org" <netdev@...r.kernel.org>,
"linux-kernel\@vger.kernel.org" <linux-kernel@...r.kernel.org>,
"nico\@semmle.com" <nico@...mle.com>
Subject: Re: [PATCH v2] rtlwifi: Fix potential overflow on P2P code
Pkshih <pkshih@...ltek.com> writes:
> On Fri, 2019-10-18 at 07:43 -0400, Laura Abbott wrote:
>> Nicolas Waisman noticed that even though noa_len is checked for
>> a compatible length it's still possible to overrun the buffers
>> of p2pinfo since there's no check on the upper bound of noa_num.
>> Bound noa_num against P2P_MAX_NOA_NUM.
>>
>> Reported-by: Nicolas Waisman <nico@...mle.com>
>> Signed-off-by: Laura Abbott <labbott@...hat.com>
>
> Acked-by: Ping-Ke Shih <pkshih@...ltek.com>
> and Please CC to stable
> Cc: Stable <stable@...r.kernel.org> # 4.4+
>
> ---
>
> Hi Kalle,
>
> This bug was existing since v3.10, and directory of wireless drivers were
> moved at v4.4. Do I need send another patch to fix this issue for longterm
> kernel v3.16.75?
Yeah, I think you need to send a separate patch to the stable list
(after this commit is in Linus' tree).
--
https://wireless.wiki.kernel.org/en/developers/documentation/submittingpatches
Powered by blists - more mailing lists