ACK: [SRU][Jammy-OEM-6.0/OEM-5.17][PATCH 0/1] CVE-2023-1380
Tim Gardner
tim.gardner at canonical.com
Mon Jul 31 14:34:01 UTC 2023
On 7/28/23 4:24 PM, Yuxuan Luo wrote:
> [Impact]
> A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in
> drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux
> Kernel. This issue could occur when assoc_info->req_len data is bigger than
> the size of the buffer, defined as WL_EXTRA_BUF_MAX, leading to a denial of
> service.
>
> [Backport]
> It is a clean cherry pick.
>
> [Test]
> Compile and smoke tested via modprobe and rmmod the brmcfmac module.
>
> [Potential Regression]
> Expecting low potential of regression as the fix only adds an additionaly layer
> of sanity check.
>
> Jisoo Jang (1):
> wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()
>
> drivers/net/wireless/brcm80211/brcmfmac/cfg80211.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
Acked-by: Tim Gardner <tim.gardner at canonical.com>
--
-----------
Tim Gardner
Canonical, Inc
More information about the kernel-team
mailing list