android_kernel_samsung_msm8226/net/bluetooth
Young Xiao 3e396d0275 Bluetooth: hidp: fix buffer overflow
commit a1616a5ac99ede5d605047a9012481ce7ff18b16 upstream.

Struct ca is copied from userspace. It is not checked whether the "name"
field is NULL terminated, which allows local users to obtain potentially
sensitive information from kernel stack memory, via a HIDPCONNADD command.

This vulnerability is similar to CVE-2011-1079.

Signed-off-by: Young Xiao <YangX92@hotmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
CVE-2019-11884
Signed-off-by: Kevin F. Haggerty <haggertk@lineageos.org>
Change-Id: If26bd0108596f42bb48349146f0c84eb0a675276
2020-01-06 08:40:44 +01:00
bnep Bluetooth: bnep: bnep_add_connection() should verify that it's dealing with l2cap socket 2019-08-08 15:03:05 +02:00
cmtp Bluetooth: cmtp: cmtp_add_connection() should verify that it's dealing with l2cap socket 2019-08-08 15:03:04 +02:00
hidp Bluetooth: hidp: fix buffer overflow 2020-01-06 08:40:44 +01:00
rfcomm Bluetooth: Add sockaddr length checks before accessing sa_family in bind and connect handlers 2019-08-08 12:09:30 +02:00
Kconfig Merge commit 'AU_LINUX_ANDROID_ICS.04.00.04.00.126' into msm-3.4 2012-06-06 18:45:28 -07:00
Makefile misc: Import SM-G900H kernel source code 2019-08-02 15:14:10 +02:00
af_bluetooth.c Merge remote-tracking branch 'google-common/deprecated/android-3.4' into lineage-16.0 2019-08-06 11:41:21 +02:00
amp.c Update copyright to The Linux Foundation 2013-02-13 16:38:12 -08:00
hci_conn.c Merge tag 'v3.4.113' into lineage-16.0 2019-08-05 14:20:47 +02:00
hci_core.c Merge tag 'v3.4.113' into lineage-16.0 2019-08-05 14:20:47 +02:00
hci_event.c Merge tag 'v3.4.113' into lineage-16.0 2019-08-05 14:20:47 +02:00
hci_sock.c Merge tag 'v3.4.113' into lineage-16.0 2019-08-05 14:20:47 +02:00
hci_sysfs.c Merge commit 'AU_LINUX_ANDROID_ICS.04.00.04.00.126' into msm-3.4 2012-06-06 18:45:28 -07:00
l2cap_core.c Bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt 2020-01-06 08:40:43 +01:00
l2cap_sock.c Bluetooth: Add sockaddr length checks before accessing sa_family in bind and connect handlers 2019-08-08 12:09:30 +02:00
lib.c Bluetooth: Add logging functions bt_info and bt_err 2012-02-17 11:33:17 +02:00
mgmt.c Merge tag 'v3.4.113' into lineage-16.0 2019-08-05 14:20:47 +02:00
sco.c Bluetooth: Add sockaddr length checks before accessing sa_family in bind and connect handlers 2019-08-08 12:09:30 +02:00
smp.c Merge tag 'v3.4.113' into lineage-16.0 2019-08-05 14:20:47 +02:00