linux/drivers/net/wireless
Lorenzo Bianconi 4e10a730d1 wifi: mt76: Fix possible oob access in mt76_connac2_mac_write_txwi_80211()
Check frame length before accessing the mgmt fields in
mt76_connac2_mac_write_txwi_80211 in order to avoid a possible oob
access.

Fixes: 577dbc6c65 ("mt76: mt7915: enable offloading of sequence number assignment")
Signed-off-by: Lorenzo Bianconi <lorenzo@kernel.org>
Link: https://patch.msgid.link/20260226-mt76-addba-req-oob-access-v1-3-b0f6d1ad4850@kernel.org
[fix check to also cover mgmt->u.action.u.addba_req.capab,
correct Fixes tag]
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2026-03-03 12:13:36 +01:00
admtek wifi: cfg80211/mac80211: Add support to get radio index 2025-06-24 15:19:27 +02:00
ath ath.git update for v7.0-rc3 2026-03-03 12:05:21 +01:00
atmel Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
broadcom Including fixes from IPsec, Bluetooth and netfilter 2026-02-26 08:00:13 -08:00
intel Convert remaining multi-line kmalloc_obj/flex GFP_KERNEL uses 2026-02-22 08:26:33 -08:00
intersil Convert remaining multi-line kmalloc_obj/flex GFP_KERNEL uses 2026-02-22 08:26:33 -08:00
marvell Including fixes from IPsec, Bluetooth and netfilter 2026-02-26 08:00:13 -08:00
mediatek wifi: mt76: Fix possible oob access in mt76_connac2_mac_write_txwi_80211() 2026-03-03 12:13:36 +01:00
microchip Convert more 'alloc_obj' cases to default GFP_KERNEL arguments 2026-02-21 20:03:00 -08:00
purelifi Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
quantenna Convert remaining multi-line kmalloc_obj/flex GFP_KERNEL uses 2026-02-22 08:26:33 -08:00
ralink Convert more 'alloc_obj' cases to default GFP_KERNEL arguments 2026-02-21 20:03:00 -08:00
realtek Convert more 'alloc_obj' cases to default GFP_KERNEL arguments 2026-02-21 20:03:00 -08:00
rsi wifi: rsi: Don't default to -EOPNOTSUPP in rsi_mac80211_config 2026-03-02 12:06:03 +01:00
silabs Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
st wifi: cw1200: Fix locking in error paths 2026-03-03 12:00:51 +01:00
ti wifi: wlcore: Fix a locking bug 2026-03-03 12:02:05 +01:00
virtual Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
zydas Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
Kconfig
Makefile