[lvc-project] [PATCH] wifi: ath11k: fix NULL derefence in ath11k_qmi_m3_load()
Vasanthakumar Thiagarajan
vasanthakumar.thiagarajan at oss.qualcomm.com
Thu Sep 18 08:25:58 MSK 2025
On 9/18/2025 12:50 AM, Matvey Kovalev wrote:
> If ab->fw.m3_data points to data, then fw pointer remains null.
> Further, if m3_mem is not allocated, then fw is dereferenced to be
> passed to ath11k_err function.
>
> Replace fw->size by m3_len.
>
> Found by Linux Verification Center (linuxtesting.org) with SVACE.
>
> Fixes: 7db88b962f06 ("wifi: ath11k: add firmware-2.bin support")
> Cc: stable at vger.kernel.org
> Signed-off-by: Matvey Kovalev <matvey.kovalev at ispras.ru>
Reviewed-by: Vasanthakumar Thiagarajan <vasanthakumar.thiagarajan at oss.qualcomm.com>
More information about the lvc-project
mailing list