drivers/net/wireless/quantenna/qtnfmac/event.c · 7fef2edf7cc753b51f7ccc74993971b0a9c81eca · Dennis Giaya / linux

Apr 19, 2021

qtnfmac: Fix possible buffer overflow in qtnf_event_handle_external_auth · 130f634d

Lee Gibson authored Apr 19, 2021



Function qtnf_event_handle_external_auth calls memcpy without
checking the length.
A user could control that length and trigger a buffer overflow.
Fix by checking the length is within the maximum allowed size.

Signed-off-by: Lee Gibson <leegib@gmail.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210419145842.345787-1-leegib@gmail.com

130f634d

qtnfmac: Fix possible buffer overflow in qtnf_event_handle_external_auth

Lee Gibson authored Apr 19, 2021



Function qtnf_event_handle_external_auth calls memcpy without
checking the length.
A user could control that length and trigger a buffer overflow.
Fix by checking the length is within the maximum allowed size.

Signed-off-by: Lee Gibson <leegib@gmail.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Link: https://lore.kernel.org/r/20210419145842.345787-1-leegib@gmail.com