| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20200127143718.981A6C433CB@smtp.codeaurora.org>
Date: Mon, 27 Jan 2020 14:37:18 +0000 (UTC)
From: Kalle Valo <kvalo@...eaurora.org>
To: Nicolai Stange <nstange@...e.de>
Cc: "David S. Miller" <davem@...emloft.net>,
Wen Huang <huangwenabc@...il.com>,
Nicolai Stange <nstange@...e.de>,
libertas-dev@...ts.infradead.org, linux-wireless@...r.kernel.org,
netdev@...r.kernel.org, linux-kernel@...r.kernel.org,
Takashi Iwai <tiwai@...e.de>, Miroslav Benes <mbenes@...e.cz>
Subject: Re: [PATCH 1/2] libertas: don't exit from lbs_ibss_join_existing()
with RCU read lock held
Nicolai Stange <nstange@...e.de> wrote:
> Commit e5e884b42639 ("libertas: Fix two buffer overflows at parsing bss
> descriptor") introduced a bounds check on the number of supplied rates to
> lbs_ibss_join_existing().
>
> Unfortunately, it introduced a return path from within a RCU read side
> critical section without a corresponding rcu_read_unlock(). Fix this.
>
> Fixes: e5e884b42639 ("libertas: Fix two buffer overflows at parsing bss descriptor")
> Signed-off-by: Nicolai Stange <nstange@...e.de>
2 patches applied to wireless-drivers.git, thanks.
c7bf1fb7ddca libertas: don't exit from lbs_ibss_join_existing() with RCU read lock held
1754c4f60aaf libertas: make lbs_ibss_join_existing() return error code on rates overflow
--
https://patchwork.kernel.org/patch/11331869/
https://wireless.wiki.kernel.org/en/developers/documentation/submittingpatches
Powered by blists - more mailing lists