On 2021-07-15 at 15:36 Greg KH ([off-list ref]) wrote:

On Sat, Jul 10, 2021 at 09:37:10PM +0300, Davis Mosenkovs wrote:

quoted

Commit e3d4030498c3 ("mac80211: do not accept/forward invalid EAPOL
frames") uses skb_mac_header() before eth_type_trans() is called
leading to incorrect pointer, the pointer gets written to. This issue
has appeared during backporting to 4.4, 4.9 and 4.14.

So this is also needed in 4.9 and 4.14, right?  If so, now queued up
everywhere.  If not, please let me know so I can drop it from the other
trees.

thanks,

greg k-h

Thank you! Yes - this is needed in 4.4, 4.9 and 4.14.
Only line offsets and commit messages (they contain references to
backport commits introducing the issue) differ between kernel versions
and I see the patches are queued with correct line offsets.
Patches for 4.9
(https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/queue-4.9/mac80211-fix-memory-corruption-in-eapol-handling.patch)
and 4.14 (https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/queue-4.14/mac80211-fix-memory-corruption-in-eapol-handling.patch)
still contain 4.4 in the cc line in sign-off section. Also these
patches contain reference to commit e3d4030498c3 that is from 4.4
branch. Is this OK?

Br,
Davis