NACK: [SRU][J][PATCH v3 0/1] CVE-2023-52593
Alice Munduruca
alice.munduruca at canonical.com
Thu Aug 7 13:47:40 UTC 2025
Preparing a v4 to include a missing fix I hadn't seen pointed out.
On Thu, 7 Aug 2025 at 09:05, <alice.munduruca at canonical.com> wrote:
>
> From: "Alice C. Munduruca" <alice.munduruca at canonical.com>
>
> v2 -> change `cherry-picked from` to `backported from` with added
> notes concerning the changes. Changed the `Where problems could
> occur` section as previous was incorrect.
> v3 -> added this changelog to document version changes.
>
> [ Impact ]
>
> No check is made in `wfx_set_mfp_ap` in case the function
> `ieee80211_beacon_get` returns a null pointer in case of error.
> As a result, we add a check to ensure a null pointer dereference
> does not occur.
>
> [ Fix ]
>
> Jammy: Backported from torvalds/linux --
> `wfx_hif_set_mfp` was changed to the applicable
> `hif_set_mfp` given the lack of namespacing prior
> to commit fcd6c0f9a12369ae6d500d747e668ed98ef5edd6.
>
> [ Test Plan ]
>
> Compile and boot tested, since no hardware is available.
>
> [ Where problems could occur ]
>
> It's possible that the additional checks (although marked with the
> unlikely macro) could result in performance degradations should the
> function be called sufficiently often.
>
> Dmitry Antipov (1):
> wifi: wfx: fix possible NULL pointer dereference in wfx_set_mfp_ap()
>
> drivers/staging/wfx/sta.c | 43 +++++++++++++++++++++++----------------
> 1 file changed, 25 insertions(+), 18 deletions(-)
>
> --
> 2.48.1
>
More information about the kernel-team
mailing list