Re: CVE request -- kernel: b43: allocate receive buffers big enough for max frame len + offset

[Eugene Teo <eugene () redhat com>]

On 09/14/2011 06:43 PM, Petr Matousek wrote:
> "A flaw has been found in a way b43 driver processed incoming frames. An
> attacker able to send frames to the systems with Broadcom 43xx series
> wireless devices could use this flaw to crash those systems."
>
> Upstream patch:
> c85ce65ecac078ab1a1835c87c4a6319cf74660a
>
> References:
> https://bugzilla.redhat.com/show_bug.cgi?id=738202
> https://bugzilla.kernel.org/show_bug.cgi?id=32042
> https://github.com/mirrors/linux/commit/c85ce65ecac078ab1a1835c87c4a6319cf74660a

Please use CVE-2011-3359.

Thanks, Eugene