Description
In the Linux kernel, the following vulnerability has been resolved: brcmfmac: return error when getting invalid max_flowrings from dongle When firmware hit trap at initialization, host will read abnormal max_flowrings number from dongle, and it will cause kernel panic when doing iowrite to initialize dongle ring. To detect this error at early stage, we directly return error when getting invalid max_flowrings(>256).
Product status
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (git) before 3cc9299036bdb647408e11e41de3eb1ff6d428cd
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (git) before 2e8bb402b060a6c22160de3d72cee057698177c8
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (git) before 10c4b63d09a5b0ebf1b61af1dae7f25555cf58b6
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (git) before 87f126b25fa8562196f0f4c0aa46a446026199bf
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (git) before 200347eb3b2608cc8b54c13dd1d5e03809ba2eb2
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (git) before 2aca4f3734bd717e04943ddf340d49ab62299a00
5.4.229 (semver)
5.10.163 (semver)
5.15.86 (semver)
6.0.16 (semver)
6.1.2 (semver)
6.2 (original_commit_for_fix)
References
git.kernel.org/...c/3cc9299036bdb647408e11e41de3eb1ff6d428cd
git.kernel.org/...c/2e8bb402b060a6c22160de3d72cee057698177c8
git.kernel.org/...c/10c4b63d09a5b0ebf1b61af1dae7f25555cf58b6
git.kernel.org/...c/87f126b25fa8562196f0f4c0aa46a446026199bf
git.kernel.org/...c/200347eb3b2608cc8b54c13dd1d5e03809ba2eb2
git.kernel.org/...c/2aca4f3734bd717e04943ddf340d49ab62299a00
