linux

mirror of https://github.com/torvalds/linux.git synced 2024-11-15 08:31:55 +00:00

History

Petr Štetiar 1f951a7f8b mac80211: fix NULL pointer dereference in ieee80211_key_alloc() The ieee80211_key struct can be kfree()d several times in the function, for example if some of the key setup functions fails beforehand, but there's no check if the struct is still valid before we call memcpy() and INIT_LIST_HEAD() on it. In some cases (like it was in my case), if there's missing aes-generic module it could lead to the following kernel OOPS: Unable to handle kernel NULL pointer dereference at virtual address 0000018c .... PC is at memcpy+0x80/0x29c ... Backtrace: [<bf11c5e4>] (ieee80211_key_alloc+0x0/0x234 [mac80211]) from [<bf1148b4>] (ieee80211_add_key+0x70/0x12c [mac80211]) [<bf114844>] (ieee80211_add_key+0x0/0x12c [mac80211]) from [<bf070cc0>] (__cfg80211_set_encryption+0x2a8/0x464 [cfg80211]) Signed-off-by: Petr Štetiar <ynezz@true.cz> Reviewed-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>		2011-03-28 15:42:02 -04:00
..
9p	Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6	2011-03-16 16:29:25 -07:00
802
8021q	vlan: should take into account needed_headroom	2011-03-18 15:13:12 -07:00
appletalk
atm
ax25
batman-adv
bluetooth	Bluetooth: Fix warning with hci_cmd_timer	2011-03-24 17:04:44 -03:00
bridge	bridge: Reset IPCB when entering IP stack on NF_FORWARD	2011-03-18 15:13:12 -07:00
caif
can
ceph
core	ethtool: __ethtool_set_sg: check for function pointer before using it	2011-03-18 15:13:10 -07:00
dcb
dccp
decnet
dns_resolver
dsa
econet	econet: 4 byte infoleak to the network	2011-03-18 15:12:15 -07:00
ethernet
ieee802154
ipv4	netfilter: ipt_CLUSTERIP: fix buffer overflow	2011-03-20 15:42:52 +01:00
ipv6	netfilter: xtables: fix reentrancy	2011-03-20 15:40:06 +01:00
ipx
irda
iucv
key
l2tp
lapb
llc
mac80211	mac80211: fix NULL pointer dereference in ieee80211_key_alloc()	2011-03-28 15:42:02 -04:00
netfilter	netfilter: ipset: fix checking the type revision at create command	2011-03-20 15:35:01 +01:00
netlabel
netlink
netrom
packet
phonet	Phonet: fix aligned-mode pipe socket buffer header reserve	2011-03-15 14:55:49 -07:00
rds	Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6	2011-03-16 16:29:25 -07:00
rfkill
rose
rxrpc	Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6	2011-03-16 16:29:25 -07:00
sched
sctp
sunrpc	Merge branch 'nfs-for-2.6.39' of git://git.linux-nfs.org/projects/trondmy/nfs-2.6	2011-03-17 17:40:00 -07:00
tipc
unix	Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6	2011-03-16 16:29:25 -07:00
wanrouter
wimax
wireless
x25
xfrm	xfrm: Refcount destination entry on xfrm_lookup	2011-03-16 12:55:36 -07:00
compat.c
Kconfig
Makefile
nonet.c
socket.c	ethtool: Compat handling for struct ethtool_rxnfc	2011-03-18 15:13:11 -07:00
sysctl_net.c
TUNABLE