Astra Linux - уязвимость в linux, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: iwlwifi: dvm – Fixed a issue where memcpy operations might involve field-spanning writes. The received TKIP key may be up to 32 bytes, as it may also contain MIC rx/tx keys. These keys are not used by iwlwifi, but copying...

SUSE CVE-2023-54286

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: dvm: Fix memcpy: detected field-spanning write backtrace A received TKIP key may be up to 32 bytes because it may contain MIC rx/tx keys too. These are not used by iwl and copying these over overflows the...

CVE-2023-54286

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: dvm: Fix memcpy: detected field-spanning write backtrace A received TKIP key may be up to 32 bytes because it may contain MIC rx/tx keys too. These are not used by iwl and copying these over overflows the...

CVE-2023-54286

CVE-2023-54286 involves the Linux kernel wireless stack: the iwlwifi dvm code could copy beyond iwl_keyinfo.key when handling TKIP keys (up to 32 bytes) due to including MIC keys. The fix adds a bounds check to prevent copying more data than the iwl_keyinfo.key buffer can hold, addressing a field...