Commit a5809aff authored by Phil Turnbull's avatar Phil Turnbull Committed by Zheng Zengkai
Browse files

wifi: wilc1000: validate pairwise and authentication suite offsets 

stable inclusion
from stable-v5.10.156
commit 7c6535fb4d67ea37c98a1d1d24ca33dd5ec42693
category: bugfix
bugzilla: 188177, https://gitee.com/src-openeuler/kernel/issues/I66M3K
CVE: CVE-2022-47520

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=7c6535fb4d67ea37c98a1d1d24ca33dd5ec42693



--------------------------------

commit cd21d99e upstream.

There is no validation of 'offset' which can trigger an out-of-bounds
read when extracting RSN capabilities.

Signed-off-by: default avatarPhil Turnbull <philipturnbull@github.com>
Tested-by: default avatarAjay Kathat <ajay.kathat@microchip.com>
Acked-by: default avatarAjay Kathat <ajay.kathat@microchip.com>
Signed-off-by: default avatarKalle Valo <kvalo@kernel.org>
Link: https://lore.kernel.org/r/20221123153543.8568-2-philipturnbull@github.com


Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: default avatarDong Chenchen <dongchenchen2@huawei.com>
Reviewed-by: default avatarYue Haibing <yuehaibing@huawei.com>
Reviewed-by: default avatarXiu Jianfeng <xiujianfeng@huawei.com>
Signed-off-by: default avatarZheng Zengkai <zhengzengkai@huawei.com>
parent 88fa55ac
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment