mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-10-06 16:49:22 +00:00
Code Issues Releases Wiki Activity
linux-stable/net/nfc
History
Lin Ma 1ac0d736c8 nfc: nci: fix the UAF of rf_conn_info object 
commit 1b1499a817 upstream.

The nci_core_conn_close_rsp_packet() function will release the conn_info
with given conn_id. However, it needs to set the rf_conn_info to NULL to
prevent other routines like nci_rf_intf_activated_ntf_packet() to trigger
the UAF.

Reviewed-by: Krzysztof Kozlowski <krzysztof.kozlowski@canonical.com>
Signed-off-by: Lin Ma <linma@zju.edu.cn>
Signed-off-by: Krzysztof Kozlowski <krzysztof.kozlowski@canonical.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2021-10-27 09:53:14 +02:00
..
hci net: nfc: fix bounds checking bugs on "pipe" 2020-03-18 07:14:12 +01:00
nci nfc: nci: fix the UAF of rf_conn_info object 2021-10-27 09:53:14 +02:00
af_nfc.c nfc: fix error handling of nfc_proto_register() 2021-10-20 11:23:04 +02:00
core.c NFC: Convert timers to use timer_setup() 2017-11-06 01:12:10 +01:00
digital.h
digital_core.c NFC: digital: fix possible memory leak in digital_tg_listen_mdaa() 2021-10-20 11:23:04 +02:00
digital_dep.c net:nfc:digital: Fix a double free in digital_tg_recv_dep_req 2021-05-22 10:59:38 +02:00
digital_technology.c NFC: digital: fix possible memory leak in digital_in_send_sdd_req() 2021-10-20 11:23:04 +02:00
Kconfig
llcp.h
llcp_commands.c net: nfc: Fix NULL dereference on nfc_llcp_build_tlv fails 2019-03-10 07:17:18 +01:00
llcp_core.c net: nfc: Fix NULL dereference on nfc_llcp_build_tlv fails 2019-03-10 07:17:18 +01:00
llcp_sock.c nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect 2021-06-10 13:24:07 +02:00
Makefile
netlink.c NFC: fix possible resource leak 2021-02-03 23:23:27 +01:00
nfc.h
rawsock.c net/nfc/rawsock.c: fix a permission check bug 2021-06-16 11:54:56 +02:00