brain-hackers_pepepper-mirror
/
linux-brain
mirror of https://github.com/brain-hackers/linux-brain.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
linux-brain/drivers/staging/rtl8192e/rtl8192e
History
Lee Gibson e644fc4ab7 staging: rtl8192e: Fix possible buffer overflow in _rtl92e_wx_set_scan 
commit 8687bf9ef9551bcf93897e33364d121667b1aadf upstream.

Function _rtl92e_wx_set_scan calls memcpy without checking the length.
A user could control that length and trigger a buffer overflow.
Fix by checking the length is within the maximum allowed size.

Reviewed-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Lee Gibson <leegib@gmail.com>
Cc: stable <stable@vger.kernel.org>
Link: https://lore.kernel.org/r/20210226145157.424065-1-leegib@gmail.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 		2021-03-17 17:03:54 +01:00
..
Kconfig
Makefile
r8190P_def.h
r8190P_rtl8256.c
r8190P_rtl8256.h
r8192E_cmdpkt.c staging: rtl8192e: remove a blank line 2019-04-16 13:32:19 +02:00
r8192E_cmdpkt.h
r8192E_dev.c Staging: rtl8192e: Remove extra space before break statement 2019-05-02 19:43:18 +02:00
r8192E_dev.h
r8192E_firmware.c
r8192E_firmware.h
r8192E_hw.h
r8192E_hwimg.c
r8192E_hwimg.h
r8192E_phy.c staging: rtl8192e: remove redundant initialization of rtstatus 2019-07-03 18:34:09 +02:00
r8192E_phy.h
r8192E_phyreg.h
rtl_cam.c
rtl_cam.h
rtl_core.c staging: rtl8192e: fix potential use after free 2019-12-04 22:30:47 +01:00
rtl_core.h
rtl_dm.c staging: rtl8192e: remove two set but not used variables 2019-08-21 09:15:43 -07:00
rtl_dm.h
rtl_eeprom.c
rtl_eeprom.h
rtl_ethtool.c
rtl_pci.c staging: rtl8192e: Remove set but not used variable 'VenderID' 2019-04-16 13:31:59 +02:00
rtl_pci.h
rtl_pm.c
rtl_pm.h
rtl_ps.c
rtl_ps.h
rtl_wx.c staging: rtl8192e: Fix possible buffer overflow in _rtl92e_wx_set_scan 2021-03-17 17:03:54 +01:00
rtl_wx.h