[PATCH] Change the max number of active probe SSIDs to match registration
Kalle Valo
kvalo at kernel.org
Mon Feb 7 06:07:17 PST 2022
Alex David <flu0r1ne at flu0r1ne.net> writes:
> The maximum number of SSIDs in a for active probe requests is currently
> reported as 16 (WLAN_SCAN_PARAMS_MAX_SSID) when registering the driver.
> The scan_req_params structure only has the capacity to hold 10 SSIDs.
> This leads to a buffer overflow which can be triggered from wpa_supplicant
> in userspace. When copying the SSIDs into the scan_req_params structure in
> the ath11k_mac_op_hw_scan route, it can overwrite the extraie pointer.
>
> Signed-off-by: Alex David <flu0r1ne at flu0r1ne.net>
I missed this as this wasn't in patchwork. This is because you didn't CC
linux-wireless. Please see instructions here how to submit ath11k
patches:
https://wireless.wiki.kernel.org/en/users/drivers/ath11k/submittingpatches
Please also add "ath11k:" prefix to the subject and a Tested-on tag.
--
https://patchwork.kernel.org/project/linux-wireless/list/
https://wireless.wiki.kernel.org/en/developers/documentation/submittingpatches
More information about the ath11k
mailing list