Description
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: properly validate the data in rtw_get_ie_ex() Just like in commit 154828bf9559 ("staging: rtl8723bs: fix out-of-bounds read in rtw_get_ie() parser"), we don't trust the data in the frame so we should check the length better before acting on it
Product status
554c0a3abf216c991c5ebddcdb2c08689ecd290b (git) before ac38856092b4c994f94343251b30520bdeb7f475
554c0a3abf216c991c5ebddcdb2c08689ecd290b (git) before 35969c3a208a07cb8642301df5869c34e2db7071
554c0a3abf216c991c5ebddcdb2c08689ecd290b (git) before 8097a48c606a9306281ea7bd73bf2afc97553733
554c0a3abf216c991c5ebddcdb2c08689ecd290b (git) before 740bca8bbdb707c0e4bb11e3316deb2f04fc7ce1
554c0a3abf216c991c5ebddcdb2c08689ecd290b (git) before 821f7d759fb2de33c5e5b0c4981181c4d0c3e9b1
554c0a3abf216c991c5ebddcdb2c08689ecd290b (git) before 6d62fa548387e159a21ea95132c09bfc96d336ed
554c0a3abf216c991c5ebddcdb2c08689ecd290b (git) before 9a4cd4c37593cc8b8d28f9a6732b490a8032006a
554c0a3abf216c991c5ebddcdb2c08689ecd290b (git) before f0109b9d3e1e455429279d602f6276e34689750a
4.12
Any version before 4.12
5.10.253 (semver)
5.15.203 (semver)
6.1.167 (semver)
6.6.130 (semver)
6.12.78 (semver)
6.18.19 (semver)
6.19.9 (semver)
7.0 (original_commit_for_fix)
References
git.kernel.org/...c/ac38856092b4c994f94343251b30520bdeb7f475
git.kernel.org/...c/35969c3a208a07cb8642301df5869c34e2db7071
git.kernel.org/...c/8097a48c606a9306281ea7bd73bf2afc97553733
git.kernel.org/...c/740bca8bbdb707c0e4bb11e3316deb2f04fc7ce1
git.kernel.org/...c/821f7d759fb2de33c5e5b0c4981181c4d0c3e9b1
git.kernel.org/...c/6d62fa548387e159a21ea95132c09bfc96d336ed
git.kernel.org/...c/9a4cd4c37593cc8b8d28f9a6732b490a8032006a
git.kernel.org/...c/f0109b9d3e1e455429279d602f6276e34689750a