kernel_samsung_a53x/net/bluetooth
Luiz Augusto von Dentz c4b47220b3 Bluetooth: bnep: Fix out-of-bound access
[ Upstream commit 0f0639b4d6f649338ce29c62da3ec0787fa08cd1 ]

This fixes attempting to access past ethhdr.h_source, although it seems
intentional to copy also the contents of h_proto this triggers
out-of-bound access problems with the likes of static analyzer, so this
instead just copies ETH_ALEN and then proceeds to use put_unaligned to copy
h_proto separately.

Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2025-01-19 15:04:04 +01:00
bnep Bluetooth: bnep: Fix out-of-bound access 2025-01-19 15:04:04 +01:00
cmtp exit: Rename module_put_and_exit to module_put_and_kthread_exit 2024-11-19 12:27:50 +01:00
hidp exit: Rename module_put_and_exit to module_put_and_kthread_exit 2024-11-19 12:27:50 +01:00
rfcomm Bluetooth: Fix type of len in rfcomm_sock_getsockopt{,_old}() 2024-12-17 13:24:18 +01:00
6lowpan.c
a2mp.c
a2mp.h
af_bluetooth.c Revert "Bluetooth: Remove debugfs directory on module init failure" 2024-11-24 00:22:52 +01:00
amp.c
amp.h
ecdh_helper.c
ecdh_helper.h
hci_conn.c Bluetooth: Fix bogus check for re-auth no supported with non-ssp 2024-11-18 12:12:38 +01:00
hci_core.c Revert "Bluetooth: hci_core: Fix LE quote calculation" 2024-11-24 00:23:52 +01:00
hci_debugfs.c Bluetooth: Fix TOCTOU in HCI debugfs implementation 2024-11-19 09:22:45 +01:00
hci_debugfs.h
hci_event.c Bluetooth: hci_event: set the conn encrypted before conn establishes 2024-11-19 09:22:44 +01:00
hci_request.c Bluetooth: Fix memory leak in hci_req_sync_complete() 2024-11-19 11:32:19 +01:00
hci_request.h
hci_sock.c
hci_sysfs.c Bluetooth: fix use-after-free in device_for_each_child() 2024-12-17 13:24:07 +01:00
Kconfig
l2cap_core.c Bluetooth: l2cap: always unlock channel in l2cap_conless_channel() 2024-11-23 23:20:22 +01:00
l2cap_sock.c Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() 2024-12-17 13:24:30 +01:00
leds.c
leds.h
lib.c
Makefile
mgmt.c Bluetooth: MGMT: Ignore keys being loaded with invalid type 2025-01-19 14:50:17 +01:00
mgmt_config.c
mgmt_config.h
mgmt_util.c
mgmt_util.h
msft.c
msft.h
sco.c Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout 2024-11-19 11:32:45 +01:00
selftest.c
selftest.h
smp.c Revert "Bluetooth: SMP: Fix assumption of Central always being Initiator" 2024-11-24 00:23:52 +01:00
smp.h Bluetooth: use inclusive language in SMP 2024-11-18 12:12:01 +01:00