[SRU Bionic, OEM-5.14, HWE-5.17 0/1] CVE-2022-42895
Cengiz Can
cengiz.can at canonical.com
Fri Jan 20 03:58:37 UTC 2023
[Impact]
There is an infoleak vulnerability in the Linux kernel's net/bluetooth/l2cap_core.c's
l2cap_parse_conf_req function which can be used to leak kernel pointers remotely.
[Fix]
Clean cherry picks from upstream.
[Test case]
Compile, boot and basic functionality tested with l2test.
[Potential regression]
Low.
Luiz Augusto von Dentz (1):
Bluetooth: L2CAP: Fix attempting to access uninitialized memory
net/bluetooth/l2cap_core.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
--
2.37.2
More information about the kernel-team
mailing list