wifi: cfg80211: fix double free for link_sinfo in nl80211_station_dump() - kernel

diff options

author	Sarika Sharma <[email protected]>	2025-07-14 08:44:05 +0000
committer	Johannes Berg <[email protected]>	2025-07-15 09:05:13 +0000
commit	9a44b5e36cd699fdd2150a63fab225ac510c1971 (patch)
tree	da6d9fbd83d2d01a0d1d84a07ac5e52b1339e70a /net/switchdev/switchdev.c
parent	wifi: cfg80211: fix off channel operation allowed check for MLO (diff)
download	kernel-9a44b5e36cd699fdd2150a63fab225ac510c1971.tar.gz kernel-9a44b5e36cd699fdd2150a63fab225ac510c1971.zip

wifi: cfg80211: fix double free for link_sinfo in nl80211_station_dump()

Currently, the link_sinfo structure is being freed twice in nl80211_dump_station(), once after the send_station() call and again in the error handling path. This results in a double free of both link_sinfo and link_sinfo->pertid, which might lead to undefined behavior or kernel crashes. Hence, fix by ensuring cfg80211_sinfo_release_content() is only invoked once during execution of nl80211_station_dump(). Fixes: 49e47223ecc4 ("wifi: cfg80211: allocate memory for link_station info structure") Reported-by: Dan Carpenter <[email protected]> Closes: https://lore.kernel.org/all/[email protected]/ Reported-by: [email protected] Closes: https://lore.kernel.org/all/[email protected] Signed-off-by: Sarika Sharma <[email protected]> Link: https://patch.msgid.link/[email protected] Signed-off-by: Johannes Berg <[email protected]>

Diffstat (limited to 'net/switchdev/switchdev.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: