Commit 5dd5899c authored by Johannes Berg's avatar Johannes Berg Committed by sanglipeng
Browse files

wifi: cfg80211: fix buffer overflow in elem comparison 

stable inclusion
from stable-v5.10.158
commit 9e6b79a3cd17620d467311b30d56f2648f6880aa
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I7NTXH

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=9e6b79a3cd17620d467311b30d56f2648f6880aa



--------------------------------

[ Upstream commit 9f16b5c8 ]

For vendor elements, the code here assumes that 5 octets
are present without checking. Since the element itself is
already checked to fit, we only need to check the length.

Reported-and-tested-by: default avatarSönke Huster <shuster@seemoo.tu-darmstadt.de>
Fixes: 0b8fb823 ("cfg80211: Parsing of Multiple BSSID information in scanning")
Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
Signed-off-by: default avatarsanglipeng <sanglipeng1@jd.com>
parent 1ba15e7a
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment