a7y18lte-ubports/android_kernel_samsung_a7y18lte
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
4e2cb1d84b
android_kernel_samsung_a7y1.../net/wireless
History
Johannes Berg 4e2cb1d84b nl80211: validate beacon head 
commit f88eb7c0d002a67ef31aeb7850b42ff69abc46dc upstream.

We currently don't validate the beacon head, i.e. the header,
fixed part and elements that are to go in front of the TIM
element. This means that the variable elements there can be
malformed, e.g. have a length exceeding the buffer size, but
most downstream code from this assumes that this has already
been checked.

Add the necessary checks to the netlink policy.

Cc: stable@vger.kernel.org
Fixes: ed1b6cc7f80f ("cfg80211/nl80211: add beacon settings")
Link: https://lore.kernel.org/r/1569009255-I7ac7fbe9436e9d8733439eab8acbbd35e55c74ef@changeid
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2020-04-07 08:08:22 +02:00
..
ap.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
chan.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
core.c cfg80211: fix memory leak of wiphy device name 2020-04-06 19:16:58 +02:00
core.h A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
db.txt A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
debugfs.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
debugfs.h A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
ethtool.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
genregdb.awk A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
ibss.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
Kconfig A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
lib80211_crypt_ccmp.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
lib80211_crypt_tkip.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
lib80211_crypt_wep.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
lib80211.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
Makefile A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
mesh.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
mlme.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
nl80211.c nl80211: validate beacon head 2020-04-07 08:08:22 +02:00
nl80211.h A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
ocb.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
radiotap.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
rdev-ops.h A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
reg.c cfg80211: initialize on-stack chandefs 2020-04-07 08:07:52 +02:00
reg.h A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
regdb.h A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
scan.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
sme.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
sysfs.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
sysfs.h A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
trace.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
trace.h A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
util.c cfg80211: Purge frame registrations on iftype change 2020-04-07 07:40:43 +02:00
wext-compat.c cfg80211: initialize on-stack chandefs 2020-04-07 08:07:52 +02:00
wext-compat.h A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
wext-core.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
wext-priv.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
wext-proc.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
wext-sme.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
wext-spy.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30