iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/drivers/net/wireless
History
Dan Carpenter 11e7a91994 airo: Fix read overflows sending packets 
The problem is that we always copy a minimum of ETH_ZLEN (60) bytes from
skb->data even when skb->len is less than ETH_ZLEN so it leads to a read
overflow.

The fix is to pad skb->data to at least ETH_ZLEN bytes.

Cc: <stable@vger.kernel.org>
Reported-by: Hu Jiahui <kirin.say@gmail.com>
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Reviewed-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20200527184830.GA1164846@mwanda
2020-05-29 20:40:22 +03:00
..
admtek
adm80211: Replace zero-length array with flexible-array member
2020-03-23 19:16:11 +02:00
ath
Merge ath-next from git://git.kernel.org/pub/scm/linux/kernel/git/kvalo/ath.git
2020-05-29 17:37:25 +03:00
atmel
atmel: Use shared constant for rfc1042 header
2020-05-29 20:16:24 +03:00
broadcom
brcmfmac: 43012 Update MES Watermark
2020-05-29 20:39:40 +03:00
cisco
airo: Fix read overflows sending packets
2020-05-29 20:40:22 +03:00
intel
One batch of changes, containing:
2020-05-26 20:17:35 -07:00
intersil
prism54: Replace zero-length array with flexible-array
2020-05-12 11:55:48 +03:00
marvell
libertas: Use shared constant for rfc1042 header
2020-05-29 20:16:00 +03:00
mediatek
mt76: mt7915: Fix build error
2020-05-22 15:39:40 +03:00
quantenna
One batch of changes, containing:
2020-05-26 20:17:35 -07:00
ralink
rt2800: enable MFP support unconditionally
2020-05-29 18:42:28 +03:00
realtek
rtw88: 8822c: remove CCK TX setting when switch channel
2020-05-29 20:37:10 +03:00
rsi
rsi: fix a typo "throld" -> "threshold"
2020-04-14 18:04:15 +03:00
st
cw1200: Remove local sdio VENDOR and DEVICE id definitions
2020-05-29 20:15:24 +03:00
ti
wlcore: fix runtime pm imbalance in wlcore_irq_locked
2020-05-29 20:38:15 +03:00
zydas
zd1211rw: Replace zero-length array with flexible-array member
2020-03-23 19:13:28 +02:00
Kconfig
docs: networking: convert ray_cs.txt to ReST
2020-04-30 12:56:37 -07:00
mac80211_hwsim.c
One batch of changes, containing:
2020-05-26 20:17:35 -07:00
mac80211_hwsim.h
mac80211_hwsim: notify wmediumd of used MAC addresses
2020-04-24 11:45:47 +02:00
Makefile
ray_cs.c
ray_cs: use true,false for bool variable
2020-05-06 11:33:23 +03:00
ray_cs.h
rayctl.h
ray_cs: Replace zero-length array with flexible-array member
2020-03-23 19:18:27 +02:00
rndis_wlan.c
rndis_wlan: Replace zero-length array with flexible-array
2020-05-12 11:56:55 +03:00
virt_wifi.c
virt_wifi: implement ndo_get_iflink
2020-03-20 14:42:20 +01:00
wl3501_cs.c
netdev: pass the stuck queue to the timeout handler
2019-12-12 21:38:57 -08:00
wl3501.h
wl3501_cs: Replace zero-length array with flexible-array member
2020-03-23 19:21:21 +02:00