Commit 7bd57837 authored by Ryosuke Yasuoka's avatar Ryosuke Yasuoka Committed by Zheng Zucheng
Browse files

nfc: nci: Fix handling of zero-length payload packets in nci_rx_work() 

mainline inclusion
from mainline-v6.9-rc1
commit 6671e352497ca4bb07a96c48e03907065ff77d8a
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I9QG8F
CVE: CVE-2024-35915

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6671e352497ca4bb07a96c48e03907065ff77d8a



--------------------------------

When nci_rx_work() receives a zero-length payload packet, it should not
discard the packet and exit the loop. Instead, it should continue
processing subsequent packets.

Fixes: d24b03535e5e ("nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet")
Signed-off-by: default avatarRyosuke Yasuoka <ryasuoka@redhat.com>
Reviewed-by: default avatarSimon Horman <horms@kernel.org>
Reviewed-by: default avatarKrzysztof Kozlowski <krzysztof.kozlowski@linaro.org>
Link: https://lore.kernel.org/r/20240521153444.535399-1-ryasuoka@redhat.com


Signed-off-by: default avatarPaolo Abeni <pabeni@redhat.com>
Signed-off-by: default avatarZheng Zucheng <zhengzucheng@huawei.com>
parent 356773ce
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment