Parches de seguridad para el driver Wlan PRIMA.
Obtenidos de los Boletines de seguridad de Android y de los Boletines para los Pixel / Nexus
- CVE-2016-10283 -> wlan: Trim operation classes to max supported in change station
- CVE-2017-9714 -> wlan: Drop assoc request if RSNIE/WPAIE parsing fail
- CVE-2017-11013 -> prima: Skip an IE if found more its max times in a framePRIMA:
- CVE-2017-11015 -> wlan: Update limComputeCrc32 to pass uint16_t + wlan: Update SIR_MAC_AUTH_CHALLENGE_LENGTH as per IEEE spec
- CVE-2017-11014 -> wlan: Add bound check before writing to channel list
- CVE-2017-9715 -> wlan: Avoid extscan bucket spec overread
- CVE-2017-9717 -> wlan: Add get valid channels entry to NLA policy
- CVE-2017-11051 -> wlan: Fix Uninitialized memory issue
- CVE-2017-11053 -> wlan: Fix kernel memory corruption
- CVE-2017-11054 -> wlan: Avoid overread when configuring MAC addresses
- CVE-2017-14903 -> wlan: Fix invalid buffer access in send mgmt tx
- CVE-2017-11081 -> wlan: Buffer overflow in setrmcenable, setrmcactionperiod
- CVE-2017-11035 -> wlan: Add check for set_ft_ies buffer length
- CVE-2017-9712 -> wlan: Check on IE length to avoid buffer over-read
- CVE-2017-15860 -> wlan: Change local variables to dynamic in limProcessAuthFrame + wlan: Fix incorrect processing of encrypted auth frame
- CVE-2017-11001 -> wlan: Fix out of bound read issue in get link properties
- CVE-2017-11002 -> wlan: Avoid concurrent matrix max param overread
- CVE-2017-0464 -> wlan: Remove obsolete set/reset ssid hotlist
Continuará...
Un saludo.