lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 15 Jan 2020 07:21:35 +0100 From: Nicolai Stange <nstange@...e.de> To: Kalle Valo <kvalo@...eaurora.org> Cc: Nicolai Stange <nstange@...e.de>, "David S. Miller" <davem@...emloft.net>, Wen Huang <huangwenabc@...il.com>, libertas-dev@...ts.infradead.org, linux-wireless@...r.kernel.org, netdev@...r.kernel.org, linux-kernel@...r.kernel.org, Takashi Iwai <tiwai@...e.de>, Miroslav Benes <mbenes@...e.cz> Subject: Re: [PATCH 1/2] libertas: don't exit from lbs_ibss_join_existing() with RCU read lock held Kalle Valo <kvalo@...eaurora.org> writes: > Nicolai Stange <nstange@...e.de> writes: > >> Commit e5e884b42639 ("libertas: Fix two buffer overflows at parsing bss >> descriptor") introduced a bounds check on the number of supplied rates to >> lbs_ibss_join_existing(). >> >> Unfortunately, it introduced a return path from within a RCU read side >> critical section without a corresponding rcu_read_unlock(). Fix this. >> >> Fixes: e5e884b42639 ("libertas: Fix two buffer overflows at parsing bss >> descriptor") > > This should be in one line, I'll fix it during commit. Thanks! -- SUSE Software Solutions Germany GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany (HRB 36809, AG Nürnberg), GF: Felix Imendörffer
Powered by blists - more mailing lists