projects / GitHub / LineageOS / android_kernel_motorola_exynos9610.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: cd813e5) | patch
nl80211: validate beacon head
authorJohannes Berg <johannes.berg@intel.com>
Fri, 20 Sep 2019 19:54:17 +0000 (21:54 +0200)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Fri, 11 Oct 2019 16:18:49 +0000 (18:18 +0200)
commit01ec813e457954d8eeaf768d57d625752d245bc9
tree22d17626be18c462161b10ad7197d9d871300b5dtree | snapshot (tar.gz zip)
parentcd813e524abcf7dc89231930858f1ac3af372af9commit | diff
nl80211: validate beacon head

commit f88eb7c0d002a67ef31aeb7850b42ff69abc46dc upstream.

We currently don't validate the beacon head, i.e. the header,
fixed part and elements that are to go in front of the TIM
element. This means that the variable elements there can be
malformed, e.g. have a length exceeding the buffer size, but
most downstream code from this assumes that this has already
been checked.

Add the necessary checks to the netlink policy.

Cc: stable@vger.kernel.org
Fixes: ed1b6cc7f80f ("cfg80211/nl80211: add beacon settings")
Link: https://lore.kernel.org/r/1569009255-I7ac7fbe9436e9d8733439eab8acbbd35e55c74ef@changeid
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
net/wireless/nl80211.c diff | blob | blame | history