[SRU][B/C/D][CVE-2019-11884] Add null byte to avoid overflow
Connor Kuehl
connor.kuehl at canonical.com
Fri Jun 7 22:16:48 UTC 2019
https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-11884.html
>From the link above:
"The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the
Linux kernel before 5.0.15 allows a local user to obtain potentially
sensitive information from kernel stack memory via a HIDPCONNADD command,
because a name field may not end with a '\0' character."
Clean cherry pick for all releases.
This patch made its way into Xenial by way of an upstream stable sync
(LP: #1830176).
It is already in unstable.
Young Xiao (1):
Bluetooth: hidp: fix buffer overflow
net/bluetooth/hidp/sock.c | 1 +
1 file changed, 1 insertion(+)
--
2.20.1
More information about the kernel-team
mailing list