Описание
In the Linux kernel, the following vulnerability has been resolved:
brcmfmac: return error when getting invalid max_flowrings from dongle
When firmware hit trap at initialization, host will read abnormal max_flowrings number from dongle, and it will cause kernel panic when doing iowrite to initialize dongle ring. To detect this error at early stage, we directly return error when getting invalid max_flowrings(>256).
In the Linux kernel, the following vulnerability has been resolved:
brcmfmac: return error when getting invalid max_flowrings from dongle
When firmware hit trap at initialization, host will read abnormal max_flowrings number from dongle, and it will cause kernel panic when doing iowrite to initialize dongle ring. To detect this error at early stage, we directly return error when getting invalid max_flowrings(>256).
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2022-50358
- https://git.kernel.org/stable/c/10c4b63d09a5b0ebf1b61af1dae7f25555cf58b6
- https://git.kernel.org/stable/c/200347eb3b2608cc8b54c13dd1d5e03809ba2eb2
- https://git.kernel.org/stable/c/2aca4f3734bd717e04943ddf340d49ab62299a00
- https://git.kernel.org/stable/c/2e8bb402b060a6c22160de3d72cee057698177c8
- https://git.kernel.org/stable/c/3cc9299036bdb647408e11e41de3eb1ff6d428cd
- https://git.kernel.org/stable/c/87f126b25fa8562196f0f4c0aa46a446026199bf
Связанные уязвимости
In the Linux kernel, the following vulnerability has been resolved: brcmfmac: return error when getting invalid max_flowrings from dongle When firmware hit trap at initialization, host will read abnormal max_flowrings number from dongle, and it will cause kernel panic when doing iowrite to initialize dongle ring. To detect this error at early stage, we directly return error when getting invalid max_flowrings(>256).
In the Linux kernel, the following vulnerability has been resolved: brcmfmac: return error when getting invalid max_flowrings from dongle When firmware hit trap at initialization, host will read abnormal max_flowrings number from dongle, and it will cause kernel panic when doing iowrite to initialize dongle ring. To detect this error at early stage, we directly return error when getting invalid max_flowrings(>256).
In the Linux kernel, the following vulnerability has been resolved: brcmfmac: return error when getting invalid max_flowrings from dongle When firmware hit trap at initialization, host will read abnormal max_flowrings number from dongle, and it will cause kernel panic when doing iowrite to initialize dongle ring. To detect this error at early stage, we directly return error when getting invalid max_flowrings(>256).
In the Linux kernel, the following vulnerability has been resolved: b ...
