Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit 5d99bc3a authored by Johannes Berg's avatar Johannes Berg Committed by Lee Jones
Browse files

UPSTREAM: wifi: cfg80211: fix buffer overflow in elem comparison 



For vendor elements, the code here assumes that 5 octets
are present without checking. Since the element itself is
already checked to fit, we only need to check the length.

Bug: 254441685
Reported-and-tested-by: default avatarSönke Huster <shuster@seemoo.tu-darmstadt.de>
Fixes: 0b8fb8235be8 ("cfg80211: Parsing of Multiple BSSID information in scanning")
Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
(cherry picked from commit 9f16b5c82a025cd4c864737409234ddc44fb166a)
Signed-off-by: default avatarLee Jones <joneslee@google.com>
Change-Id: Ic2910eb2d150852fa315c31fd978bd8640fa37da
parent 959b3545
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment