Jeff Johnson 045e1a3f2e wifi: cw1200: Avoid processing an invalid TIM IE ... [ Upstream commit b7bcea9c27b3d87b54075735c870500123582145 ] While converting struct ieee80211_tim_ie::virtual_map to be a flexible array it was observed that the TIM IE processing in cw1200_rx_cb() could potentially process a malformed IE in a manner that could result in a buffer over-read. Add logic to verify that the TIM IE length is large enough to hold a valid TIM payload before processing it. Signed-off-by: Jeff Johnson <quic_jjohnson@quicinc.com> Signed-off-by: Kalle Valo <kvalo@kernel.org> Link: https://lore.kernel.org/r/20230831-ieee80211_tim_ie-v3-1-e10ff584ab5d@quicinc.com Signed-off-by: Sasha Levin <sashal@kernel.org>		2024-11-23 23:20:44 +01:00
..
admtek
ath	wifi: ath11k: fix wrong handling of CCMP256 and GCMP ciphers	2024-11-23 23:20:07 +01:00
atmel
broadcom	wifi: brcmsmac: LCN PHY code is used for BCM4313 2G-only device	2024-11-23 23:20:06 +01:00
cisco
cnss2
cnss_genl
cnss_prealloc
cnss_utils
intel	wifi: iwlwifi: mvm: don't read past the mfuart notifcation	2024-11-19 14:19:00 +01:00
intersil
marvell	wifi: mwifiex: Fix interface type change	2024-11-23 23:20:13 +01:00
mediatek
microchip	wifi: wilc1000: fix ies_len type in connect path	2024-11-19 14:19:41 +01:00
qualcomm/qca6490
quantenna	wireless: Remove redundant 'flush_workqueue()' calls	2024-11-19 08:44:44 +01:00
ralink	wifi: rt2x00: restart beacon queue when hardware reset	2024-11-18 12:13:11 +01:00
realtek	wifi: rtlwifi: rtl8192de: Fix 5 GHz TX power	2024-11-19 14:19:10 +01:00
rsi
scsc
st	wifi: cw1200: Avoid processing an invalid TIM IE	2024-11-23 23:20:44 +01:00
ti
zydas
Kconfig
mac80211_hwsim.c	wifi: mac80211_hwsim: fix clang-specific fortify warning	2024-11-18 11:43:12 +01:00
mac80211_hwsim.h
Makefile
ray_cs.c
ray_cs.h
rayctl.h
rndis_wlan.c	wireless: Remove redundant 'flush_workqueue()' calls	2024-11-19 08:44:44 +01:00
virt_wifi.c	wifi: virt_wifi: don't use strlen() in const context	2024-11-23 23:20:08 +01:00
wl3501.h
wl3501_cs.c