git.ipfire.org Git - thirdparty/hostap.git/commit

author	Ramasamy Kaliappan <quic_rkaliapp@quicinc.com>
	Tue, 18 Feb 2025 10:47:15 +0000 (16:17 +0530)
committer	Jouni Malinen <j@w1.fi>
	Sun, 23 Feb 2025 16:12:29 +0000 (18:12 +0200)
commit	b49542f42c459eb831b896a6a7c9d0f95b48ac1c
tree	285de9a36e96f93ae83838072b4392ae7361224d	tree
parent	81b152595bf9ee8ea6a03b51b6fb3cfa2e8a78d2	commit \| diff

nl80211: Fix hostapd crash when managing AP MLD interfaces

hostapd crash has been observed in the following scenario: bring up
multiple AP MLD interfaces, delete all AP MLD interfaces using another
user space application like 'iw', and then remove all interfaces in
hostapd.

When deleting an AP MLD interface using another user space application,
the kernel sends the NL80211_CMD_STOP_AP event for each link to hostapd,
hostapd resets valid_links, and sends a remove link command to the
kernel. valid_links will become zero after all the links are removed,
but bss interface will not be removed in hostapd.

In the current design, when removing the link bss interface, the
interface is not removed if the link is not available. When the
interface, which was not removed, is added, it accesses a dangling
pointer of the AP MLD interface and causes the crash.

Fix this by removing the interface even if there are no more links. This
ensures that the AP MLD interface is properly removed, preventing access
to a dangling pointer and avoiding the crash.

Signed-off-by: Ramasamy Kaliappan <quic_rkaliapp@quicinc.com>