mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings - blaster4385/linux-IllusionX - Linux kernel with personal config changes for arch linux

diff options

author	Wen Huang <[email protected]>	2019-08-28 10:07:51 +0800
committer	Kalle Valo <[email protected]>	2019-09-03 16:50:21 +0300
commit	7caac62ed598a196d6ddf8d9c121e12e082cac3a (patch)
tree	926f8c0a3bb5c8cff8ee3a1d5d8a4a85e94e853b /scripts/gcc-plugins/cyc_complexity_plugin.c
parent	70702265a04aa0ce5a7bde77d13456209992b32f (diff)

mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings

mwifiex_update_vs_ie(),mwifiex_set_uap_rates() and mwifiex_set_wmm_params() call memcpy() without checking the destination size.Since the source is given from user-space, this may trigger a heap buffer overflow. Fix them by putting the length check before performing memcpy(). This fix addresses CVE-2019-14814,CVE-2019-14815,CVE-2019-14816. Signed-off-by: Wen Huang <[email protected]> Acked-by: Ganapathi Bhat <[email protected]> Signed-off-by: Kalle Valo <[email protected]>

Diffstat (limited to 'scripts/gcc-plugins/cyc_complexity_plugin.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: