[SRU K,HWE-5.17,J,OEM-5.14,F,B 0/1] CVE-2022-3564

Thadeu Lima de Souza Cascardo cascardo at canonical.com
Thu Nov 17 01:44:02 UTC 2022


[Impact]
A race condition on Bluetooth L2CAP can lead to a use-after-free.

[Backport]
The fix is in linux-next. It could be cherry-picked cleanly on all kernels,
though git-am would not apply to focal and bionic, which required their own
cherry-pick.

[Potential regression]
Bluetooth devices might fail to connect.

Maxim Mikityanskiy (1):
  Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu

 net/bluetooth/l2cap_core.c | 48 ++++++++++++++++++++++++++++++++------
 1 file changed, 41 insertions(+), 7 deletions(-)

-- 
2.34.1



