APPLIED: [SRU][B/C/D][CVE-2019-11884] Add null byte to avoid overflow
Khaled Elmously
khalid.elmously at canonical.com
Tue Jun 11 03:32:02 UTC 2019
On 2019-06-07 15:16:48 , Connor Kuehl wrote:
> https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-11884.html
>
> From the link above:
>
> "The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the
> Linux kernel before 5.0.15 allows a local user to obtain potentially
> sensitive information from kernel stack memory via a HIDPCONNADD command,
> because a name field may not end with a '\0' character."
>
> Clean cherry pick for all releases.
>
> This patch made its way into Xenial by way of an upstream stable sync
> (LP: #1830176).
>
> It is already in unstable.
>
> Young Xiao (1):
> Bluetooth: hidp: fix buffer overflow
>
> net/bluetooth/hidp/sock.c | 1 +
> 1 file changed, 1 insertion(+)
>
> --
> 2.20.1
>
>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
More information about the kernel-team
mailing list