Pkshih <[email protected]> writes: > On Fri, 2019-10-18 at 07:43 -0400, Laura Abbott wrote: >> Nicolas Waisman noticed that even though noa_len is checked for >> a compatible length it's still possible to overrun the buffers >> of p2pinfo since there's no check on the upper bound of noa_num. >> Bound noa_num against P2P_MAX_NOA_NUM. >> >> Reported-by: Nicolas Waisman <[email protected]> >> Signed-off-by: Laura Abbott <[email protected]> > > Acked-by: Ping-Ke Shih <[email protected]> > and Please CC to stable > Cc: Stable <[email protected]> # 4.4+ > > --- > > Hi Kalle, > > This bug was existing since v3.10, and directory of wireless drivers were > moved at v4.4. Do I need send another patch to fix this issue for longterm > kernel v3.16.75?
Yeah, I think you need to send a separate patch to the stable list (after this commit is in Linus' tree). -- https://wireless.wiki.kernel.org/en/developers/documentation/submittingpatches
