projects / linux-2.6-microblaze.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c135a5b) | patch
Bluetooth: hci_core: Fix not checking skb length on hci_acldata_packet
authorLuiz Augusto von Dentz <luiz.von.dentz@intel.com>
Tue, 8 Oct 2024 14:16:48 +0000 (10:16 -0400)
committerLuiz Augusto von Dentz <luiz.von.dentz@intel.com>
Thu, 14 Nov 2024 20:29:54 +0000 (15:29 -0500)
commit3fe288a8214e7dd784d1f9b7c9e448244d316b47
treec044e7de8c4edf886db2dc4af81b3b62ce3fe536tree
parentc135a5bc34a89a75a739d07964ff3d1c4fa1b154commit | diff
Bluetooth: hci_core: Fix not checking skb length on hci_acldata_packet

This fixes not checking if skb really contains an ACL header otherwise
the code may attempt to access some uninitilized/invalid memory past the
valid skb->data.

Reported-by: syzbot+6ea290ba76d8c1eb1ac2@syzkaller.appspotmail.com
Tested-by: syzbot+6ea290ba76d8c1eb1ac2@syzkaller.appspotmail.com
Closes: https://syzkaller.appspot.com/bug?extid=6ea290ba76d8c1eb1ac2
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
net/bluetooth/hci_core.c diff | blob | history
MicroBlaze GIT Repository