Johannes Berg e6d77ac013 wifi: mac80211: fix MBSSID parsing use-after-free
commit ff05d4b45d upstream.

When we parse a multi-BSSID element, we might point some
element pointers into the allocated nontransmitted_profile.
However, we free this before returning, causing UAF when the
relevant pointers in the parsed elements are accessed.

Fix this by not allocating the scratch buffer separately but
as part of the returned structure instead; that way, there
are no lifetime issues with it.

The scratch buffer introduction as part of the returned data
here is taken from MLO feature work done by Ilan.

This fixes CVE-2022-42719.

Fixes: 5023b14cf4 ("mac80211: support profile split between elements")
Co-developed-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-10-15 08:01:44 +02:00
arch Revert "powerpc/rtas: Implement reentrant rtas call" 2022-10-15 08:01:43 +02:00
block Revert "block: freeze the queue earlier in del_gendisk" 2022-09-28 11:32:28 +02:00
certs certs: make system keyring depend on built-in x509 parser 2022-09-28 11:32:27 +02:00
crypto KEYS: asymmetric: enforce SM2 signature use pkey algo 2022-08-17 15:16:17 +02:00
Documentation ARM: dts: fix Moxa SDIO 'compatible', remove 'sdhci' misnomer 2022-10-12 09:51:24 +02:00
drivers random: use expired timer rather than wq for mixing fast pool 2022-10-15 08:01:44 +02:00
fs ceph: don't truncate file in atomic_open 2022-10-15 08:01:42 +02:00
include scsi: stex: Properly zero out the passthrough command structure 2022-10-15 08:01:43 +02:00
init arm64: fix rodata=full 2022-08-31 17:18:19 +02:00
io_uring io_uring: ensure that cached task references are always put on exit 2022-09-28 11:32:21 +02:00
ipc ipc: Free mq_sysctls if ipc namespace creation failed 2022-06-22 17:47:41 -05:00
kernel bpf: Fix resetting logic for unreferenced kptrs 2022-10-12 09:51:26 +02:00
lib Makefile.debug: re-enable debug info for .S files 2022-09-28 11:32:27 +02:00
LICENSES LICENSES/LGPL-2.1: Add LGPL-2.1-or-later as valid identifiers 2021-12-16 14:33:10 +01:00
mm damon/sysfs: fix possible memleak on damon_sysfs_add_target 2022-10-05 10:40:55 +02:00
net wifi: mac80211: fix MBSSID parsing use-after-free 2022-10-15 08:01:44 +02:00
samples sample: bpf: xdp_router_ipv4: Allow the kernel to send arp requests 2022-08-17 15:14:25 +02:00
scripts Makefile.extrawarn: Move -Wcast-function-type-strict to W=1 2022-10-12 09:51:23 +02:00
security efi: Correct Macmini DMI match in uefi cert quirk 2022-10-15 08:01:43 +02:00
sound ALSA: hda/realtek: Add quirk for HP Zbook Firefly 14 G9 model 2022-10-15 08:01:42 +02:00
tools perf tests record: Fail the test if the 'errs' counter is not zero 2022-10-05 10:40:54 +02:00
usr Not a lot of material this cycle. Many singleton patches against various 2022-05-27 11:22:03 -07:00
virt KVM: Unconditionally get a ref to /dev/kvm module when creating a VM 2022-08-25 11:45:05 +02:00
.clang-format clang-format: Fix space after for_each macros 2022-05-20 19:27:16 +02:00
.cocciconfig
.get_maintainer.ignore Opt out of scripts/get_maintainer.pl 2019-05-16 10:53:40 -07:00
.gitattributes .gitattributes: use 'dts' diff driver for dts files 2019-12-04 19:44:11 -08:00
.gitignore kbuild: split the second line of *.mod into *.usyms 2022-05-08 03:16:59 +09:00
.mailmap ARM: SoC fixes for 5.19, part 4 2022-07-27 09:43:07 -07:00
COPYING COPYING: state that all contributions really are covered by this file 2020-02-10 13:32:20 -08:00
CREDITS MAINTAINERS: mark ARM/PALM TREO SUPPORT orphan 2022-07-07 15:17:00 +02:00
Kbuild kbuild: rename hostprogs-y/always to hostprogs/always-y 2020-02-04 01:53:07 +09:00
Kconfig kbuild: ensure full rebuild when the compiler is updated 2020-05-12 13:28:33 +09:00
MAINTAINERS io_uring: move to separate directory 2022-08-17 15:14:20 +02:00
Makefile Linux 5.19.15 2022-10-12 09:51:26 +02:00
README Drop all 00-INDEX files from Documentation/ 2018-09-09 15:08:58 -06:00

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result from upgrading your kernel.