Re: [PATCH] mac802154: fix uninitialized security header fields

From: Miquel Raynal
Date: Thu Jan 08 2026 - 13:24:20 EST


Hello,

On 14/12/2025 at 00:13:39 GMT, Kathara Sasikumar <katharasasikumar007@xxxxxxxxx> wrote:

> KMSAN reported an uninitialized-value access in
> ieee802154_hdr_push_sechdr(). This happened because
> mac802154_set_header_security() allowed frames with cb->secen=1 but
> LLSEC disabled when secen_override=0, leaving parts of the security
> header uninitialized.
>
> Fix the validation so security-enabled frames are rejected whenever
> LLSEC is disabled, regardless of secen_override. Also clear the full
> header struct in the header creation functions to avoid partial
> initialization.
>
> Reported-by: syzbot+60a66d44892b66b56545@xxxxxxxxxxxxxxxxxxxxxxxxx
> Tested-by: syzbot+60a66d44892b66b56545@xxxxxxxxxxxxxxxxxxxxxxxxx
> Closes: https://syzkaller.appspot.com/bug?extid=60a66d44892b66b56545
> Signed-off-by: Kathara Sasikumar <katharasasikumar007@xxxxxxxxx>
> ---

From what I understand... :-)

Reviewed-by: Miquel Raynal <miquel.raynal@xxxxxxxxxxx>

Thanks,
Miquèl
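
The validation gap described in the quoted commit message, as an added userspace model that is not part of this thread or of the patch itself. Only `secen`, `secen_override` and the LLSEC-enabled condition come from the message; every struct, function name and sample value below is a hypothetical stand-in, and the 0xAA fill is a constructed substitute for stale stack contents.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>
/* Userspace model only: struct, field and function names are hypothetical. */
struct cb_model  { bool secen, secen_override; };       /* per-frame flags */
struct hdr_model { bool security_enabled; unsigned char sec_level; };

/* Pre-fix check per the commit message: rejects only if secen_override is set. */
static int validate_before(bool llsec_on, const struct cb_model *cb)
{
    return (!llsec_on && cb->secen_override && cb->secen) ? -EINVAL : 0;
}

/* Post-fix check: rejected whenever LLSEC is disabled. */
static int validate_after(bool llsec_on, const struct cb_model *cb)
{
    return (!llsec_on && cb->secen) ? -EINVAL : 0;
}

static int build_header(struct hdr_model *hdr, bool llsec_on,
                        const struct cb_model *cb, bool fixed)
{
    if (fixed) memset(hdr, 0, sizeof(*hdr));  /* clear the full struct first */
    hdr->security_enabled = cb->secen;
    int rc = fixed ? validate_after(llsec_on, cb) : validate_before(llsec_on, cb);
    if (rc == 0 && llsec_on && cb->secen)
        hdr->sec_level = 5;                   /* constructed value; only path that sets it */
    return rc;
}

/* Reported case (secen=1, secen_override=0, LLSEC off) on a 0xAA-poisoned header. */
static int reported_case(bool fixed, unsigned char *level_out)
{
    struct cb_model cb = { .secen = true, .secen_override = false };
    struct hdr_model hdr;
    memset(&hdr, 0xAA, sizeof(hdr));
    int rc = build_header(&hdr, false, &cb, fixed);
    *level_out = hdr.sec_level;
    return rc;
}

int main(void)
{
    unsigned char lvl;
    printf("before: rc=%d\n", reported_case(false, &lvl));
    printf("after:  rc=%d\n", reported_case(true, &lvl));
    return 0;
}
```

In the pre-fix path the frame is accepted with `security_enabled` set while `sec_level` still holds the poison byte, which is the state a later header serializer would read.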