This patch fixes CVE-2023-52531 [1] present in 5.4 and 5.10 stable kernels. The vulnerability concerns flawed pointer arithmetic in iwlwifi driver caused by use of spurious casting to (u8 *). Original upstream commit [3] removed that cast but kept a change to increment a pointer first and only then cast it to (void *) or other type.
However, as older branches did not receive commit 3827cb59b3b8 ("iwlwifi: avoid void pointer arithmetic") [2], the aforementioned kept change is also missing, which should be corrected and applied to other vulnerable versions. This backport ensures that correction and keeps away from dangerous void pointer arithmetic.
[PATCH 5.4/5.10 1/1] wifi: iwlwifi: mvm: Fix a memory corruption issue Change 'channels' pointer before casting it to (void *). Fixes [1].
[1] https://nvd.nist.gov/vuln/detail/cve-2023-52531 [2] https://github.com/torvalds/linux/commit/3827cb59b3b8ce4b1687385d35034dadcd9... [3] https://github.com/torvalds/linux/commit/8ba438ef3cacc4808a63ed0ce24d4f0942c...