APPLIED [OEM-5.14/OEM-5.17] Re: [SRU Bionic, OEM-5.14, HWE-5.17 0/1] CVE-2022-42895
Timo Aaltonen
tjaalton at ubuntu.com
Mon Jan 23 10:23:53 UTC 2023
Cengiz Can kirjoitti 20.1.2023 klo 5.58:
> [Impact]
> There is an infoleak vulnerability in the Linux kernel's net/bluetooth/l2cap_core.c's
> l2cap_parse_conf_req function which can be used to leak kernel pointers remotely.
>
> [Fix]
> Clean cherry picks from upstream.
>
> [Test case]
> Compile, boot and basic functionality tested with l2test.
>
> [Potential regression]
> Low.
>
> Luiz Augusto von Dentz (1):
> Bluetooth: L2CAP: Fix attempting to access uninitialized memory
>
> net/bluetooth/l2cap_core.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
applied to oem-5.14, and also to oem-5.17 while at it, thanks
--
t
More information about the kernel-team
mailing list