iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/net
History
Luciano Coelho 208c72f4fe nl80211: fix check for valid SSID size in scan operations 
In both trigger_scan and sched_scan operations, we were checking for
the SSID length before assigning the value correctly.  Since the
memory was just kzalloc'ed, the check was always failing and SSID with
over 32 characters were allowed to go through.

This was causing a buffer overflow when copying the actual SSID to the
proper place.

This bug has been there since 2.6.29-rc4.

Cc: stable@kernel.org
Signed-off-by: Luciano Coelho <coelho@ti.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2011-05-26 15:43:28 -04:00
..
9p
[net/9p]: Introduce basic flow-control for VirtIO transport.
2011-03-22 16:32:50 -05:00
802
net/802: add __rcu annotations
2010-10-25 13:09:44 -07:00
8021q
vlan: should take into account needed_headroom
2011-03-18 15:13:12 -07:00
appletalk
appletalk: Fix OOPS in atalk_release().
2011-03-31 18:59:10 -07:00
atm
atm/solos-pci: Don't flap VCs when carrier state changes
2011-03-30 16:53:38 -07:00
ax25
net: ax25: fix information leak to userland harder
2011-01-12 00:34:49 -08:00
batman-adv
Merge branch 'batman-adv/next' of git://git.open-mesh.org/ecsv/linux-merge
2011-03-07 00:37:13 -08:00
bluetooth
Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/padovan/bluetooth-next-2.6
2011-05-12 14:06:10 -04:00
bridge
bridge: mcast snooping, fix length check of snooped MLDv1/2
2011-03-30 02:28:20 -07:00
caif
Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6
2011-02-08 17:19:01 -08:00
can
can: make struct proto const
2011-03-27 23:34:59 -07:00
ceph
libceph: add lingering request and watch/notify event framework
2011-03-22 11:33:55 -07:00
core
netdev: fix mtu check when TSO is enabled
2011-03-30 02:42:17 -07:00
dcb
net: dcbnl: Update copyright dates
2011-03-14 17:02:42 -07:00
dccp
net: Put fl6_* macros to struct flowi6 and use them again.
2011-03-12 15:08:55 -08:00
decnet
decnet: Convert to use flowidn where applicable.
2011-03-12 15:08:55 -08:00
dns_resolver
DNS: Fix a NULL pointer deref when trying to read an error key [CVE-2011-1076]
2011-03-04 09:56:19 +11:00
dsa
dsa/mv88e6060: support nonzero mii base address
2011-03-08 14:24:20 -08:00
econet
econet: 4 byte infoleak to the network
2011-03-18 15:12:15 -07:00
ethernet
eth: fix new kernel-doc warning
2011-01-12 19:00:40 -08:00
ieee802154
net: RCU conversion of dev_getbyhwaddr() and arp_ioctl()
2010-12-08 10:07:24 -08:00
ipv4
tcp: len check is unnecessarily devastating, change to WARN_ON
2011-04-01 21:47:41 -07:00
ipv6
net: gre: provide multicast mappings for ipv4 and ipv6
2011-03-30 00:10:47 -07:00
ipx
ipx: fix ipx_release()
2011-03-21 18:16:39 -07:00
irda
irda: validate peer name and attribute lengths
2011-03-27 17:59:02 -07:00
iucv
[S390] irq: have detailed statistics for interrupt types
2011-01-05 12:47:25 +01:00
key
pfkey: fix warning
2011-03-01 22:51:52 -08:00
l2tp
l2tp: fix possible oops on l2tp_eth module unload
2011-03-21 18:10:25 -07:00
lapb
Net: lapb: Makefile: Remove deprecated kbuild goal definitions
2010-11-22 08:16:14 -08:00
llc
llc: avoid skb_clone() if there is only one handler
2011-02-28 12:28:50 -08:00
mac80211
mac80211: Don't sleep when growing the mesh path
2011-05-19 13:54:14 -04:00
netfilter
IPVS: Use global mutex in ip_vs_app.c
2011-03-21 20:39:24 -07:00
netlabel
netlink: kill loginuid/sessionid/sid members from struct netlink_skb_parms
2011-03-03 10:55:40 -08:00
netlink
Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6
2011-03-03 21:27:42 -08:00
netrom
packet
af_packet: struct socket declared/assigned but unused
2011-03-07 15:51:13 -08:00
phonet
Phonet: fix aligned-mode pipe socket buffer header reserve
2011-03-15 14:55:49 -07:00
rds
rds: use little-endian bitops
2011-03-23 19:46:16 -07:00
rfkill
net: rfkill: add generic gpio rfkill driver
2011-05-19 13:53:54 -04:00
rose
rose: Add length checks to CALL_REQUEST parsing
2011-03-27 17:59:04 -07:00
rxrpc
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6
2011-03-16 16:29:25 -07:00
sched
ipv4: Remove flowi from struct rtable.
2011-03-04 21:55:31 -08:00
sctp
sctp: malloc enough room for asconf-ack chunk
2011-04-01 21:45:51 -07:00
sunrpc
NFS: Ensure that rpc_release_resources_task() can be called twice.
2011-03-27 17:55:36 +02:00
tipc
tipc: delete extra semicolon blocking node deletion
2011-03-14 12:21:12 -04:00
unix
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6
2011-03-16 16:29:25 -07:00
wanrouter
net: cleanup unused macros in net directory
2011-01-19 23:20:04 -08:00
wimax
wireless
nl80211: fix check for valid SSID size in scan operations
2011-05-26 15:43:28 -04:00
x25
x25: remove the BKL
2011-03-05 10:55:45 +01:00
xfrm
xfrm: Restrict extended sequence numbers to esp
2011-03-28 23:34:53 -07:00
compat.c
net: Limit socket I/O iovec total length to INT_MAX.
2010-10-28 11:47:52 -07:00
Kconfig
net: RPS: Enable hardware acceleration of RFS
2011-01-24 14:53:01 -08:00
Makefile
net: Enter net/ipv6/ even if CONFIG_IPV6=n
2011-03-07 12:50:52 -08:00
nonet.c
llseek: automatically add .llseek fop
2010-10-15 15:53:27 +02:00
socket.c
ethtool: Compat handling for struct ethtool_rxnfc
2011-03-18 15:13:11 -07:00
sysctl_net.c
TUNABLE