In the Linux kernel, the following vulnerability has been resolved:
wifi: wilc1000: use vmm_table as array in wilc struct
Enabling KASAN and running some iperf tests raises some memory issues with vmm_table:
BUG: KASAN: slab-out-of-bounds in wilcwlanhandle_txq+0x6ac/0xdb4 Write of size 4 at addr c3a61540 by task wlan0-tx/95
KASAN detects that we are writing data beyond range allocated to vmmtable. There is indeed a mismatch between the size passed to allocator in wilcwlan_init, and the range of possible indexes used later: allocation size is missing a multiplication by sizeof(u32)