[SRU][N][PATCH 0/1] CVE-2024-56663
Massimiliano Pellizzer
massimiliano.pellizzer at canonical.com
Tue Feb 11 11:49:28 UTC 2025
[Impact]
wifi: nl80211: fix NL80211_ATTR_MLO_LINK_ID off-by-one
Since the netlink attribute range validation provides inclusive
checking, the *max* of attribute NL80211_ATTR_MLO_LINK_ID should be
IEEE80211_MLD_MAX_NUM_LINKS - 1 otherwise causing an off-by-one.
Update the policy to ensure correct validation.
[Fix]
Oracular: Fixed via upstream stable updates (LP: #2097332)
Noble: Cherry picked from mainline
Jammy: Not affected
Focal: Not affected
[Test case]
Compile tested only.
[Where problems could occur]
A regression here is unlikely due to the very limited scope of the
patch.
Lin Ma (1):
wifi: nl80211: fix NL80211_ATTR_MLO_LINK_ID off-by-one
net/wireless/nl80211.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--
2.43.0
More information about the kernel-team
mailing list