On Fri, 2015-05-22 at 10:57 +0200, Michal Kazior wrote:
It was possible for mac80211 to be coerced into an
unexpected flow causing sdata union to become
corrupted. Station pointer was put into
sdata-u.vlan.sta memory location while it was
really master AP's sdata-u.ap.next_beacon. This
led
It was possible for mac80211 to be coerced into an
unexpected flow causing sdata union to become
corrupted. Station pointer was put into
sdata-u.vlan.sta memory location while it was
really master AP's sdata-u.ap.next_beacon. This
led to station entry being later freed as
next_beacon before
