proxmox-mirrors/mirror_ubuntu-kernels
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_ubuntu-kernels.git synced 2026-01-06 05:54:17 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
f44dd33e63
mirror_ubuntu-kernels/drivers/net/wireless/ath
History
Carl Huang f44dd33e63 ath11k: fix memory OOB access in qmi_decode 
The decoded_size is wrongly assigned in ath11k_qmi_msg_handlers and it results
in out of boundary access in qmi_decode. The correct decoded_size should be
calculated from the related ind_msg structure.

This issue is exposed with QCA6390 because it needs 11 small memory chunks
which are stored in qmi_wlanfw_request_mem_ind_msg_v01 and hence the
decoded_size exceeds the wrongly assigend decoded_size.

Tested-on: QCA6390 hw2.0 PCI WLAN.HST.1.0.1-01740-QCAHSTSWPLZ_V2_TO_X86-1
Tested-on: IPQ8074 hw2.0 AHB WLAN.HK.2.1.0.1-01238-QCAHKSWPL_SILICONZ-2

Signed-off-by: Carl Huang <cjhuang@codeaurora.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/1597389030-13887-9-git-send-email-kvalo@codeaurora.org
2020-08-17 13:18:30 +03:00
..
ar5523 treewide: replace '---help---' in Kconfig files with 'help' 2020-06-14 01:57:21 +09:00
ath5k ath5k: Replace HTTP links with HTTPS ones 2020-08-14 18:06:36 +03:00
ath6kl treewide: replace '---help---' in Kconfig files with 'help' 2020-06-14 01:57:21 +09:00
ath9k ath9k: Use fallthrough pseudo-keyword 2020-08-14 18:04:06 +03:00
ath10k ath10k: correct the array index from mcs index for HT mode for QCA6174 2020-08-15 10:06:00 +03:00
ath11k ath11k: fix memory OOB access in qmi_decode 2020-08-17 13:18:30 +03:00
carl9170 ath: fix wiki website url 2020-06-09 09:25:25 +03:00
wcn36xx wcn36xx: Use sequence number allocated by mac80211 2020-08-14 18:02:28 +03:00
wil6210 Merge ath-next from git://git.kernel.org/pub/scm/linux/kernel/git/kvalo/ath.git 2020-06-15 20:18:39 +03:00
ath.h
debug.c
dfs_pattern_detector.c ath: drop unnecessary list_empty 2020-08-14 18:05:06 +03:00
dfs_pattern_detector.h
dfs_pri_detector.c
dfs_pri_detector.h
hw.c
Kconfig Merge ath-next from git://git.kernel.org/pub/scm/linux/kernel/git/kvalo/ath.git 2020-06-15 20:18:39 +03:00
key.c
main.c
Makefile ath11k: driver for Qualcomm IEEE 802.11ax devices 2019-11-25 14:16:34 +02:00
reg.h
regd_common.h ath: regd: add extra US coutry codes 2019-02-07 17:02:19 +02:00
regd.c ath: add support for special 0x0 regulatory domain 2019-12-02 12:08:01 +02:00
regd.h ath: drop duplicated define 2019-04-29 17:55:53 +03:00
spectral_common.h ath11k: add support for spectral scan 2020-06-15 17:21:54 +03:00
trace.c
trace.h