lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Wed, 23 Oct 2019 10:31:11 +0000 (UTC)
From:   Kalle Valo <kvalo@...eaurora.org>
To:     Laura Abbott <labbott@...hat.com>
Cc:     Ping-Ke Shih <pkshih@...ltek.com>,
        Laura Abbott <labbott@...hat.com>,
        "David S . Miller" <davem@...emloft.net>,
        linux-wireless@...r.kernel.org, netdev@...r.kernel.org,
        linux-kernel@...r.kernel.org, Nicolas Waisman <nico@...mle.com>
Subject: Re: [PATCH v2] rtlwifi: Fix potential overflow on P2P code

Laura Abbott <labbott@...hat.com> wrote:

> Nicolas Waisman noticed that even though noa_len is checked for
> a compatible length it's still possible to overrun the buffers
> of p2pinfo since there's no check on the upper bound of noa_num.
> Bound noa_num against P2P_MAX_NOA_NUM.
> 
> Reported-by: Nicolas Waisman <nico@...mle.com>
> Signed-off-by: Laura Abbott <labbott@...hat.com>
> Acked-by: Ping-Ke Shih <pkshih@...ltek.com>

Patch applied to wireless-drivers.git, thanks.

8c55dedb795b rtlwifi: Fix potential overflow on P2P code

-- 
https://patchwork.kernel.org/patch/11198315/

https://wireless.wiki.kernel.org/en/developers/documentation/submittingpatches

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ