Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit e785fa0a authored by Vladis Dronov's avatar Vladis Dronov Committed by Johannes Berg
Browse files

nl80211: check for the required netlink attributes presence 

nl80211_set_rekey_data() does not check if the required attributes
NL80211_REKEY_DATA_{REPLAY_CTR,KEK,KCK} are present when processing
NL80211_CMD_SET_REKEY_OFFLOAD request. This request can be issued by
users with CAP_NET_ADMIN privilege and may result in NULL dereference
and a system crash. Add a check for the required attributes presence.
This patch is based on the patch by bo Zhang.

This fixes CVE-2017-12153.

References: https://bugzilla.redhat.com/show_bug.cgi?id=1491046


Fixes: e5497d76 ("cfg80211/nl80211: support GTK rekey offload")
Cc: <stable@vger.kernel.org> # v3.1-rc1
Reported-by: default avatarbo Zhang <zhangbo5891001@gmail.com>
Signed-off-by: default avatarVladis Dronov <vdronov@redhat.com>
Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
parent 126f760c
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment