Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit b35029a1 authored by Zhang Xiaohui's avatar Zhang Xiaohui Committed by Greg Kroah-Hartman
Browse files

mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start 



[ Upstream commit 5c455c5ab332773464d02ba17015acdca198f03d ]

mwifiex_cmd_802_11_ad_hoc_start() calls memcpy() without checking
the destination size may trigger a buffer overflower,
which a local user could use to cause denial of service
or the execution of arbitrary code.
Fix it by putting the length check before calling memcpy().

Signed-off-by: default avatarZhang Xiaohui <ruc_zhangxiaohui@163.com>
Signed-off-by: default avatarKalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20201206084801.26479-1-ruc_zhangxiaohui@163.com


Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
parent f817a993
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment