摘要:
In the Linux kernel, the following vulnerability has been resolved:
wifi: ath12k: fix possible out-of-bound write in ath12k_wmi_ext_hal_reg_caps()
reg_cap.phy_id is extracted from WMI event and could be an unexpected value
in case some errors happen. As a result out-of-bound write may occur to
soc->hal_reg_cap. Fix it by validating reg_cap.phy_id before using it.
This is found during code review.
Compile tested only.
安全等级: Low
公告ID: KylinSec-SA-2024-2666
发布日期: 2024年6月8日
关联CVE: CVE-2023-52829
In the Linux kernel, the following vulnerability has been resolved:
wifi: ath12k: fix possible out-of-bound write in ath12k_wmi_ext_hal_reg_caps()
reg_cap.phy_id is extracted from WMI event and could be an unexpected value
in case some errors happen. As a result out-of-bound write may occur to
soc->hal_reg_cap. Fix it by validating reg_cap.phy_id before using it.
This is found during code review.
Compile tested only.
| cve名称 | 产品 | 组件 | 是否受影响 |
|---|---|---|---|
| CVE-2023-52829 | KY3.4-5 | kernel | Unaffected |
| CVE-2023-52829 | KY3.5.3 | kernel | Unaffected |
| CVE-2023-52829 | V6 | kernel | Unaffected |
