korg/linux
0
0
Fork 0
mirror of https://mirrors.bfsu.edu.cn/git/linux.git synced 2024-11-15 08:14:15 +08:00
Code Issues Packages Projects Releases Wiki Activity
fd081afd21
linux/net/wireless
History
Alexander Wetzel fd081afd21 wifi: cfg80211: Fix use after free for wext 
commit 015b8cc5e7 upstream.

Key information in wext.connect is not reset on (re)connect and can hold
data from a previous connection.

Reset key data to avoid that drivers or mac80211 incorrectly detect a
WEP connection request and access the freed or already reused memory.

Additionally optimize cfg80211_sme_connect() and avoid an useless
schedule of conn_work.

Fixes: fffd0934b9 ("cfg80211: rework key operation")
Cc: stable@vger.kernel.org
Link: https://lore.kernel.org/r/20230124141856.356646-1-alexander@wetzel-home.de
Signed-off-by: Alexander Wetzel <alexander@wetzel-home.de>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2023-03-10 09:40:06 +01:00
..
certs
.gitignore
ap.c
chan.c cfg80211: add cfg80211_any_usable_channels() 2021-06-23 13:05:08 +02:00
core.c cfg80211: fix race in netlink owner interface destruction 2022-02-23 12:03:11 +01:00
core.h cfg80211: fix management registrations locking 2021-10-25 15:20:22 +02:00
debugfs.c wifi: cfg80211: debugfs: fix return type in ht40allow_map_read() 2022-09-08 12:28:02 +02:00
debugfs.h
ethtool.c
ibss.c cfg80211: avoid holding the RTNL when calling the driver 2021-01-26 11:55:50 +01:00
Kconfig cfg80211: select CONFIG_CRC32 2021-01-05 15:50:36 -08:00
lib80211_crypt_ccmp.c
lib80211_crypt_tkip.c
lib80211_crypt_wep.c
lib80211.c
Makefile cfg80211: make certificate generation more robust 2021-06-18 13:25:15 +02:00
mesh.c
mlme.c cfg80211: fix management registrations locking 2021-10-25 15:20:22 +02:00
nl80211.c wifi: cfg80211: Fix extended KCK key length check in nl80211_set_rekey_data() 2023-03-10 09:39:11 +01:00
nl80211.h nl80211: fix radio statistics in survey dump 2021-11-25 09:48:34 +01:00
ocb.c
of.c
pmsr.c nl80211/cfg80211: add BSS color to NDP ranging parameters 2021-06-23 11:29:14 +02:00
radiotap.c mac80211: Use flex-array for radiotap header bitmap 2021-08-13 09:58:25 +02:00
rdev-ops.h nl80211: add support for BSS coloring 2021-08-17 11:58:21 +02:00
reg.c wifi: cfg80211: Fix not unregister reg_pdev when load_builtin_regdb_keys() fails 2022-12-31 13:14:14 +01:00
reg.h cfg80211: avoid holding the RTNL when calling the driver 2021-01-26 11:55:50 +01:00
scan.c wifi: cfg80211: don't allow multi-BSSID in S1G 2022-12-08 11:28:40 +01:00
sme.c wifi: cfg80211: Fix use after free for wext 2023-03-10 09:40:06 +01:00
sysfs.c cfg80211: shut down interfaces on failed resume 2021-06-09 16:09:20 +02:00
sysfs.h
trace.c
trace.h cfg80211: fix BSS color notify trace enum confusion 2021-08-18 09:21:52 +02:00
util.c wifi: cfg80211: fix MCS divisor value 2022-10-12 09:53:28 +02:00
wext-compat.c cfg80211: expose the rfkill device to the low level driver 2021-06-23 11:29:13 +02:00
wext-compat.h
wext-core.c wifi: wext: use flex array destination for memcpy() 2022-11-26 09:24:51 +01:00
wext-priv.c
wext-proc.c
wext-sme.c cfg80211: avoid holding the RTNL when calling the driver 2021-01-26 11:55:50 +01:00
wext-spy.c wireless: wext-spy: Fix out-of-bounds warning 2021-06-23 10:57:17 +02:00