ACK: [SRU Bionic, OEM-5.14, HWE-5.17 0/1] CVE-2022-42895
Tim Gardner
tim.gardner at canonical.com
Fri Jan 20 13:54:23 UTC 2023
On 1/19/23 8:58 PM, Cengiz Can wrote:
> [Impact]
> There is an infoleak vulnerability in the Linux kernel's net/bluetooth/l2cap_core.c's
> l2cap_parse_conf_req function which can be used to leak kernel pointers remotely.
>
> [Fix]
> Clean cherry picks from upstream.
>
> [Test case]
> Compile, boot and basic functionality tested with l2test.
>
> [Potential regression]
> Low.
>
> Luiz Augusto von Dentz (1):
> Bluetooth: L2CAP: Fix attempting to access uninitialized memory
>
> net/bluetooth/l2cap_core.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
Acked-by: Tim Gardner <tim.gardner at canonical.com>
--
-----------
Tim Gardner
Canonical, Inc
More information about the kernel-team
mailing list