github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-06-09 07:03:37 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph
41ed10ac17
linux/net/bluetooth
History
Mathias Krause 6ffb80e739 Bluetooth: L2CAP - Fix info leak via getsockname() 
[ Upstream commit 792039c73c ]

The L2CAP code fails to initialize the l2_bdaddr_type member of struct
sockaddr_l2 and the padding byte added for alignment. It that for leaks
two bytes kernel stack via the getsockname() syscall. Add an explicit
memset(0) before filling the structure to avoid the info leak.

Signed-off-by: Mathias Krause <minipli@googlemail.com>
Cc: Marcel Holtmann <marcel@holtmann.org>
Cc: Gustavo Padovan <gustavo@padovan.org>
Cc: Johan Hedberg <johan.hedberg@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2012-10-02 09:47:21 -07:00
..
bnep net: Audit drivers to identify those needing IFF_TX_SKB_SHARING cleared 2011-08-15 18:31:38 -07:00
cmtp Bluetooth: Move more channel info to struct l2cap_chan 2011-04-28 01:09:58 -03:00
hidp Bluetooth: Fix hidp disconnect deadlocks and lost wakeup 2011-06-30 15:47:50 -03:00
rfcomm Bluetooth: RFCOMM - Fix info leak via getsockname() 2012-10-02 09:47:16 -07:00
af_bluetooth.c Bluetooth: remove unnecessary call to hci_sock_cleanup 2011-02-25 22:36:58 -03:00
hci_conn.c Bluetooth: Fix l2cap conn failures for ssp devices 2012-04-13 08:14:08 -07:00
hci_core.c Bluetooth: hci_core: fix NULL-pointer dereference at unregister 2012-04-22 16:21:42 -07:00
hci_event.c Bluetooth: Fix timeout on scanning for the second time 2011-10-03 11:41:01 -07:00
hci_sock.c Bluetooth: HCI - Fix info leak via getsockname() 2012-10-02 09:47:06 -07:00
hci_sysfs.c Bluetooth: Add variable SSP auto-accept delay support 2011-04-28 16:02:30 -03:00
Kconfig Bluetooth: Fix BT_L2CAP and BT_SCO in Kconfig 2011-02-28 14:06:53 -05:00
l2cap_core.c Bluetooth: Fix crash with incoming L2CAP connections 2011-07-16 10:14:44 -07:00
l2cap_sock.c Bluetooth: L2CAP - Fix info leak via getsockname() 2012-10-02 09:47:21 -07:00
lib.c Bluetooth: make batostr() print in the right order 2010-10-12 12:44:52 -03:00
Makefile Bluetooth: Merge L2CAP and SCO modules into bluetooth.ko 2011-02-14 17:27:36 -03:00
mgmt.c Bluetooth: Add support for disconnecting LE links via mgmt 2011-05-11 16:42:14 -03:00
sco.c Bluetooth: fix shutdown on SCO sockets 2011-06-10 15:04:40 -03:00