[PATCH 4/6] staging: rtl8723bs: Fix potential overuse of kernel memory
Greg KH
gregkh at linuxfoundation.org
Mon Feb 10 18:27:55 UTC 2020
On Mon, Feb 10, 2020 at 12:02:33PM -0600, Larry Finger wrote:
> In routine wpa_supplicant_ioctl(), the user-controlled p->length is
> checked to be at least the size of struct ieee_param size, but the code
> does not detect the case where p->length is greater than the size
> of the struct, thus a malicious user could be wasting kernel memory.
> Fixes commit 554c0a3abf216 ("staging: Add rtl8723bs sdio wifi driver").
>
> Reported by: Pietro Oliva <pietroliva at gmail.com>
> Cc: Pietro Oliva <pietroliva at gmail.com>
> Cc: Stable <stable at vger.kernel.org>
> Fixes: 554c0a3abf216 ("staging: Add rtl8723bs sdio wifi driver").
> Signed-off-by: Larry Finger <Larry.Finger at lwfinger.net>
> -# Please enter the commit message for your changes. Lines starting
> ---
Funny line :)
I'll go edit it...
thanks,
greg k-h
More information about the devel
mailing list