[SRU,E/D/B/X,0/3] Multiple buffer overflows in Marvell driver

Message ID 20191126083917.5995-1-stefan.bader@canonical.com

Message

Stefan Bader Nov. 26, 2019, 8:39 a.m. UTC
Multiple buffer overflows have been found and fixed in the Marvell
wireless driver. For Xenial the main change is that the Marvell driver
has not yet its own subdirectory. So all paths had to be adjusted.

-Stefan

Wen Huang (2):
  mwifiex: fix possible heap overflow in mwifiex_process_country_ie()
  libertas: Fix two buffer overflows at parsing bss descriptor

wangqize (1):
  mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame()

 drivers/net/wireless/marvell/libertas/cfg.c   |  8 +++
 .../net/wireless/marvell/mwifiex/sta_ioctl.c  |  3 +-
 drivers/net/wireless/marvell/mwifiex/tdls.c   | 70 +++++++++++++++++--
 3 files changed, 74 insertions(+), 7 deletions(-)

Comments

Kleber Sacilotto de Souza Nov. 27, 2019, 4:22 p.m. UTC | #1
On 26.11.19 09:39, Stefan Bader wrote:
> Multiple buffer overflows have been found and fixed in the Marvell
> wireless driver. For Xenial the main change is that the Marvell driver
> has not yet its own subdirectory. So all paths had to be adjusted.
> 
> -Stefan
> 
> Wen Huang (2):
>   mwifiex: fix possible heap overflow in mwifiex_process_country_ie()
>   libertas: Fix two buffer overflows at parsing bss descriptor
> 
> wangqize (1):
>   mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame()
> 
>  drivers/net/wireless/marvell/libertas/cfg.c   |  8 +++
>  .../net/wireless/marvell/mwifiex/sta_ioctl.c  |  3 +-
>  drivers/net/wireless/marvell/mwifiex/tdls.c   | 70 +++++++++++++++++--
>  3 files changed, 74 insertions(+), 7 deletions(-)
> 

Apart from the missing CVE reference in Patch 3/3 for Xenial
the changes look good.

Acked-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>

Andrea Righi Dec. 2, 2019, 2:39 p.m. UTC | #2
On Tue, Nov 26, 2019 at 09:39:11AM +0100, Stefan Bader wrote:
> Multiple buffer overflows have been found and fixed in the Marvell
> wireless driver. For Xenial the main change is that the Marvell driver
> has not yet its own subdirectory. So all paths had to be adjusted.
> 
> -Stefan
> 
> Wen Huang (2):
>   mwifiex: fix possible heap overflow in mwifiex_process_country_ie()
>   libertas: Fix two buffer overflows at parsing bss descriptor
> 
> wangqize (1):
>   mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame()
> 
>  drivers/net/wireless/marvell/libertas/cfg.c   |  8 +++
>  .../net/wireless/marvell/mwifiex/sta_ioctl.c  |  3 +-
>  drivers/net/wireless/marvell/mwifiex/tdls.c   | 70 +++++++++++++++++--
>  3 files changed, 74 insertions(+), 7 deletions(-)
> 

All the fixes make sense to me.

Acked-by: Andrea Righi <andrea.righi@canonical.com>

Kleber Sacilotto de Souza Dec. 2, 2019, 2:59 p.m. UTC | #3
On 2019-11-26 09:39, Stefan Bader wrote:
> Multiple buffer overflows have been found and fixed in the Marvell
> wireless driver. For Xenial the main change is that the Marvell driver
> has not yet its own subdirectory. So all paths had to be adjusted.
> 
> -Stefan
> 
> Wen Huang (2):
>   mwifiex: fix possible heap overflow in mwifiex_process_country_ie()
>   libertas: Fix two buffer overflows at parsing bss descriptor
> 
> wangqize (1):
>   mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame()
> 
>  drivers/net/wireless/marvell/libertas/cfg.c   |  8 +++
>  .../net/wireless/marvell/mwifiex/sta_ioctl.c  |  3 +-
>  drivers/net/wireless/marvell/mwifiex/tdls.c   | 70 +++++++++++++++++--
>  3 files changed, 74 insertions(+), 7 deletions(-)
> 

Applied to xenial, bionic, disco and eoan master-next branches.

Thanks,
Kleber

Seth Forshee Dec. 6, 2019, 4:37 a.m. UTC | #4
On Tue, Nov 26, 2019 at 09:39:11AM +0100, Stefan Bader wrote:
> Multiple buffer overflows have been found and fixed in the Marvell
> wireless driver. For Xenial the main change is that the Marvell driver
> has not yet its own subdirectory. So all paths had to be adjusted.

Applied to unstable/master, thanks!