[SRU][Jammy-OEM-6.0/OEM-5.17][PATCH 0/1] CVE-2023-1380
Yuxuan Luo
yuxuan.luo at canonical.com
Fri Jul 28 22:24:14 UTC 2023
[Impact]
A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in
drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux
Kernel. This issue could occur when assoc_info->req_len data is bigger than
the size of the buffer, defined as WL_EXTRA_BUF_MAX, leading to a denial of
service.
[Backport]
It is a clean cherry pick.
[Test]
Compile and smoke tested via modprobe and rmmod the brmcfmac module.
[Potential Regression]
Expecting low potential of regression as the fix only adds an additionaly layer
of sanity check.
Jisoo Jang (1):
wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()
drivers/net/wireless/brcm80211/brcmfmac/cfg80211.c | 5 +++++
1 file changed, 5 insertions(+)
--
2.34.1
More information about the kernel-team
mailing list