android_kernel_xiaomi_sm8350/core
Vignesh Viswanathan 4126db0a47 qcacld-3.0: Fix out-of-bounds access in lim_process_action_vendor_specific
Currently in the function lim_process_action_vendor_specific, mem_cmp
is done on the received frame pointer without validating the frame_len
which could lead to out-of-bounds memory access if the frame_len is
not matching the size of action_hdr.

Add check to validate the frame_len with action_hdr size before doing
mem_cmp for the p2p oui.

Change-Id: I39329d1a9ef45614d3c617db11a7a7f5ec2aaaec
CRs-Fixed: 2101439
2017-09-18 12:21:57 -07:00
bmi  qcacld-3.0: Remove cds_[alloc|free]_context() parameter                     2017-09-13 20:07:39 -07:00
cds  qcacld-3.0: Remove cds_context param to cds_sched_close()                   2017-09-14 06:51:58 -07:00
dp   qcacld-3.0: Fix issue that rx failed after WAPI usk rekey                   2017-09-17 21:31:20 -07:00
hdd  qcacld-3.0: Add support for PNO scan in connected state                     2017-09-18 07:55:47 -07:00
mac  qcacld-3.0: Fix out-of-bounds access in lim_process_action_vendor_specific  2017-09-18 12:21:57 -07:00
pld  qcacld-3.0: Enable preAlloc support for SKB buffers                         2017-09-18 07:55:49 -07:00
sap  qcacld-3.0: Fix channel weight calculation errors in ACS mode               2017-09-13 23:27:17 -07:00
sme  qcacld-3.0: Set join failure timeout value in bss config                    2017-09-15 17:26:53 -07:00
wma  qcacld-3.0: Introduce INI items for MAWC based roaming                      2017-09-14 13:26:37 -07:00