lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <35593d3b-e4df-45a3-9c9b-101420aedff8@gmail.com>
Date: Sat, 10 Aug 2024 11:59:41 +0200
From: vincenzo mezzela <vincenzo.mezzela@...il.com>
To: Greg KH <gregkh@...uxfoundation.org>
Cc: johannes@...solutions.net, sashal@...nel.org,
 linux-wireless@...r.kernel.org, netdev@...r.kernel.org,
 javier.carrasco.cruz@...il.com, skhan@...uxfoundation.org,
 stable@...r.kernel.org, Johannes Berg <johannes.berg@...el.com>,
 syzbot+07bee335584b04e7c2f8@...kaller.appspotmail.com
Subject: Re: [PATCH] wifi: mac80211: check basic rates validity

On 7/30/24 16:23, Greg KH wrote:
> On Mon, Jul 29, 2024 at 03:43:18PM +0200, Vincenzo Mezzela wrote:
>> From: Johannes Berg <johannes.berg@...el.com>
>>
>> commit ce04abc3fcc62cd5640af981ebfd7c4dc3bded28 upstream.
>>
>> When userspace sets basic rates, it might send us some rates
>> list that's empty or consists of invalid values only. We're
>> currently ignoring invalid values and then may end up with a
>> rates bitmap that's empty, which later results in a warning.
>>
>> Reject the call if there were no valid rates.
>>
>> [ Conflict resolution involved adjusting the patch to accommodate
>> changes in the function signature of ieee80211_parse_bitrates and
>> ieee80211_check_rate_mask ]
>>
>> Signed-off-by: Johannes Berg <johannes.berg@...el.com>
>> Reported-by: syzbot+07bee335584b04e7c2f8@...kaller.appspotmail.com
>> Tested-by: syzbot+07bee335584b04e7c2f8@...kaller.appspotmail.com
>> Closes: https://syzkaller.appspot.com/bug?extid=07bee335584b04e7c2f8
>> Signed-off-by: Vincenzo Mezzela <vincenzo.mezzela@...il.com>
>> ---
>> Hi,
>> please note that a backport of the same patch for v5.15 is available at
>> [1].
> Please resend [1] as it's gone from my queue.
>
> greg k-h

Hi Greg,

I've just sent it here [1].


Vincenzo


- [1] 
https://lore.kernel.org/all/20240810095432.89063-1-vincenzo.mezzela@gmail.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ