[OEM-5.14/5.17/6.0][PATCH] CVE-2022-47520
Yuxuan Luo
yuxuan.luo at canonical.com
Wed Feb 8 21:27:35 UTC 2023
[Impact]
There exists an unchecked index in the wilc1000 driver that could trigger an
out-of-bound read vulnerability, damaging system's integrity and
confidentiality for microchip wilc1000 users.
[Backport]
It is a clean cherry for these three OEMs.
[Test]
Due to lack of hardware, all the patches were only compile tested.
[Potential Regression]
The scope of regression is limited to wilc1000/hif.c (or wilc1000/wilc_hif.c
before the refactoring), affected users are wilc1000 users.
Phil Turnbull (1):
wifi: wilc1000: validate pairwise and authentication suite offsets
drivers/net/wireless/microchip/wilc1000/hif.c | 21 ++++++++++++++-----
1 file changed, 16 insertions(+), 5 deletions(-)
--
2.34.1
More information about the kernel-team
mailing list