OSDN Git Service

(root) / tomoyo / tomoyo-test1.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 5638d9e) | patch
Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
authorLuiz Augusto von Dentz <luiz.von.dentz@intel.com>
Mon, 31 Oct 2022 23:10:32 +0000 (16:10 -0700)
committerLuiz Augusto von Dentz <luiz.von.dentz@intel.com>
Wed, 2 Nov 2022 23:36:59 +0000 (16:36 -0700)
commit711f8c3fb3db61897080468586b970c87c61d9e4
treecedd21a4c8b64b3ae4587293046b9f72d166c886tree | snapshot
parent5638d9ea9c01c77fc11693d48cf719bc7e88f224commit | diff
Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM

The Bluetooth spec states that the valid range for SPSM is from
0x0001-0x00ff so it is invalid to accept values outside of this range:

  BLUETOOTH CORE SPECIFICATION Version 5.3 | Vol 3, Part A
  page 1059:
  Table 4.15: L2CAP_LE_CREDIT_BASED_CONNECTION_REQ SPSM ranges

CVE: CVE-2022-42896
CC: stable@vger.kernel.org
Reported-by: Tamás Koczka <poprdi@google.com>
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Reviewed-by: Tedd Ho-Jeong An <tedd.an@intel.com>
net/bluetooth/l2cap_core.c diff | blob | history
This is a test repository.
About OSDN
Find Software
Develop Software
Help