CVE-2022-49533

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> ath11k: Change max no of active probe SSID and BSSID to fw capability<br /> <br /> The maximum number of SSIDs in a for active probe requests is currently<br /> reported as 16 (WLAN_SCAN_PARAMS_MAX_SSID) when registering the driver.<br /> The scan_req_params structure only has the capacity to hold 10 SSIDs.<br /> This leads to a buffer overflow which can be triggered from<br /> wpa_supplicant in userspace. When copying the SSIDs into the<br /> scan_req_params structure in the ath11k_mac_op_hw_scan route, it can<br /> overwrite the extraie pointer.<br /> <br /> Firmware supports 16 ssid * 4 bssid, for each ssid 4 bssid combo probe<br /> request will be sent, so totally 64 probe requests supported. So<br /> set both max ssid and bssid to 16 and 4 respectively. Remove the<br /> redundant macros of ssid and bssid.<br /> <br /> Tested-on: IPQ8074 hw2.0 AHB WLAN.HK.2.7.0.1-01300-QCAHKSWPL_SILICONZ-1