ACK: [SRU][B/C/D][CVE-2019-11884] Add null byte to avoid overflow
Kamal Mostafa
kamal at canonical.com
Mon Jun 10 15:10:18 UTC 2019
Acked-by: Kamal Mostafa <kamal at canonical.com>
-Kamal
On Fri, Jun 07, 2019 at 03:16:48PM -0700, Connor Kuehl wrote:
> https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-11884.html
>
> From the link above:
>
> "The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the
> Linux kernel before 5.0.15 allows a local user to obtain potentially
> sensitive information from kernel stack memory via a HIDPCONNADD command,
> because a name field may not end with a '\0' character."
>
> Clean cherry pick for all releases.
>
> This patch made its way into Xenial by way of an upstream stable sync
> (LP: #1830176).
>
> It is already in unstable.
>
> Young Xiao (1):
> Bluetooth: hidp: fix buffer overflow
>
> net/bluetooth/hidp/sock.c | 1 +
> 1 file changed, 1 insertion(+)
>
> --
> 2.20.1
>
>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
More information about the kernel-team
mailing list