Google Git
Sign in
android / kernel / mediatek / refs/heads/android-mediatek-pike-3.10-oreo-wear-dr
commit5f7ba64dbb0f566149f5190db8c229da623a54bb[log] [tgz]
authorDavid Chu <david.chu@mediatek.com>Mon Aug 06 18:39:15 2018 -0700
committerBen Fennema <fennema@google.com>Thu Aug 16 15:52:11 2018 -0700
tree01516a711965c2065a82d6dd725728579ebb149e
parent4afa485f96571c751e4295b92effc95328c22b8b [diff]
Security Patch: WLAN Gen2: Security Vulnerability Issue 72312071

[Detail]
Multiple Kernel Memory Corruption Issues in Mediatek cfg80211 Subsystem

[Solution]
In mtk_cfg80211_vendor_set_config the value num_buckets must be
validated to ensure it is not greater than size of the buckets array.

CVE-2018-9395

Change-Id: If07b758108922dd12ac4eb5d93ce2eab0ce06dae
Signed-off-by: Ben Fennema <fennema@google.com>
1 file changed
tree: 01516a711965c2065a82d6dd725728579ebb149e
  1. android/
  2. arch/
  3. block/
  4. crypto/
  5. Documentation/
  6. drivers/
  7. firmware/
  8. fs/
  9. include/
  10. init/
  11. ipc/
  12. kernel/
  13. lib/
  14. mm/
  15. net/
  16. samples/
  17. scripts/
  18. security/
  19. sound/
  20. tools/
  21. usr/
  22. virt/
  23. .gitignore
  24. .mailmap
  25. Android.mk
  26. build.config
  27. build.sh
  28. CleanSpec.mk
  29. COPYING
  30. CREDITS
  31. Kbuild
  32. Kconfig
  33. MAINTAINERS
  34. Makefile
  35. README
  36. REPORTING-BUGS