APPLIED: [SRU][L/K/J/F/B][PATCH 0/1] CVE-2023-1380
Luke Nowakowski-Krijger
luke.nowakowskikrijger at canonical.com
Thu May 11 16:04:48 UTC 2023
Applied to lunar,kinetic,jammy,focal,bionic linux master-next
Thanks,
- Luke
On Tue, May 9, 2023 at 9:07 PM Yuxuan Luo <yuxuan.luo at canonical.com> wrote:
> [Impact]
> A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in
> drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux
> Kernel. This issue could occur when assoc_info->req_len data is bigger
> than
> the size of the buffer, defined as WL_EXTRA_BUF_MAX, leading to a denial
> of
> service.
>
> [Backport]
> It is a clean cherry pick for L/K/J/F.
> For Bionic, substitute `bphy_err()` with `brcmf_err()` since `bphy_err()`
> was
> yet to be introduced in the Bionic tree.
>
> [Test]
> Compile and smoke tested via modprobe and rmmod the brmcfmac module.
>
> [Potential Regression]
> Expecting low potential of regression as the fix only adds an additionaly
> layer
> of sanity check.
>
> Jisoo Jang (1):
> wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()
>
> drivers/net/wireless/brcm80211/brcmfmac/cfg80211.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
> --
> 2.34.1
>
>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20230511/5eb50954/attachment-0001.html>
More information about the kernel-team
mailing list