This is a great showcase for "if it was written in Rust, none of this would happen":
- CVE-2022-41674: fix u8 overflow in cfg80211_update_notlisted_nontrans (max 256 byte overwrite) (RCE)
  - this would panic in debug mode, admittedly go through as wraparound in release mode
- CVE-2022-42719: wifi: mac80211: fix MBSSID parsing use-after-free; use-after-free condition (RCE)
  - this would be prevented thanks to lifetime guarantees
- CVE-2022-42720: wifi: cfg80211: fix BSS refcounting bugs; ref counting use-after-free possibilities (RCE)
  - this would be prevented thanks to lifetime guarantees
- CVE-2022-42721: wifi: cfg80211: avoid nontransmitted BSS list corruption; list corruption, according to Johannes will however just make it an endless loop (DOS)
  - this would be prevented thanks to lifetime guarantees
- CVE-2022-42722: wifi: mac80211: fix crash in beacon protection for P2P-device; NULL ptr dereference crash (DOS)
  - this would be prevented thanks to lifetime guarantees in combination with no "null" (Option<T> or Result<T, E> would be used)
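The debug-vs-release point made above about the u8 overflow is worth seeing concretely. The block below is an added example and is not code from the comment or from the Linux wifi stack; the element lengths and the 256-byte destination buffer are constructed sample input, not details of any of the listed CVEs. It contrasts three ways a u8 length accumulation can be written in Rust: the wraparound that release-mode `+` performs, a checked sum that surfaces overflow as `None`, and a widened sum bounded against the destination before any copy happens.

```rust
// Added example, not code from the comment or from the Linux wifi stack.
// Shows how Rust can treat a u8 length accumulation: release-mode style
// wraparound, a checked sum that reports overflow as None, and a widened
// sum compared against the destination buffer before copying.
// All element lengths below are constructed sample input.

/// Equivalent of release-mode `+` on u8: the total wraps modulo 256, so
/// [200, 100] yields 44, which understates the real size by a full wrap.
/// (In a debug build, plain `+` would panic instead of wrapping.)
pub fn sum_lengths_wrapping(lens: &[u8]) -> u8 {
    lens.iter().fold(0u8, |acc, &l| acc.wrapping_add(l))
}

/// Checked version: returns None the moment the running total would
/// exceed u8::MAX, so the caller has to handle the overflow case.
pub fn sum_lengths_checked(lens: &[u8]) -> Option<u8> {
    lens.iter().try_fold(0u8, |acc, &l| acc.checked_add(l))
}

/// Widened version: accumulate in usize so no wrap is possible, and let
/// the caller bound the result against the destination buffer.
pub fn total_len(lens: &[u8]) -> usize {
    lens.iter().map(|&l| usize::from(l)).sum()
}

/// Copies each element (here a run of `len` filler bytes, constructed for
/// the example) into a fixed 256-byte buffer. Returns Err(total) instead
/// of writing past the end when the widened total does not fit.
pub fn copy_elements(lens: &[u8], buf: &mut [u8; 256]) -> Result<usize, usize> {
    let total = total_len(lens);
    if total > buf.len() {
        return Err(total);
    }
    let mut pos = 0usize;
    for (i, &len) in lens.iter().enumerate() {
        let end = pos + usize::from(len);
        // Slice indexing is bounds-checked by Rust regardless; the early
        // return above is what turns a would-be panic into an error value.
        buf[pos..end].fill(i as u8);
        pos = end;
    }
    Ok(total)
}

fn main() {
    let lens = [200u8, 100];
    println!("wrapping sum: {}", sum_lengths_wrapping(&lens)); // 44
    println!("checked sum:  {:?}", sum_lengths_checked(&lens)); // None
    let mut buf = [0u8; 256];
    println!("copy result:  {:?}", copy_elements(&lens, &mut buf)); // Err(300)
    println!("debug assertions enabled: {}", cfg!(debug_assertions));
}
```

The `cfg!(debug_assertions)` line in `main` is what distinguishes the two build modes the comment refers to: with it on, an unchecked `+` on u8 panics on overflow; with it off, it wraps exactly like `wrapping_add`. The checked and widened versions behave the same in both modes, which is the property a length calculation feeding a buffer copy should have.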