FPII-2976 :Elevation of privilege vulnerability in Qualcomm Wi-Fi driver CVE-2017-6424 A-32086742 QC-CR#1102648
qcacld-2.0: Fix buffer overflow in WLANSAP_Set_WPARSNIes()
Currently In WLANSAP_Set_WPARSNIes() the parameter WPARSNIEsLen
is user-controllable and never validates which uses as the length
for a memory copy. This enables user-space applications to corrupt
heap memory and potentially crash the kernel.
Fix is to validate the WPARSNIes length to its max before use as the
length for a memory copy.
Change-Id: I7aff731aeae22bfd84beb955439a799abef37f68
CRs-Fixed: 1102648
Change-Id: I096ef5f34784f88697dbe39e8ac7a163abe6b7a3
1 file changed