Bluetooth: stop proccessing malicious adv data - blaster4385/linux-IllusionX - Linux kernel with personal config changes for arch linux

diff options

author	Pavel Skripkin <[email protected]>	2021-11-01 10:12:12 +0300
committer	Marcel Holtmann <[email protected]>	2021-11-16 13:59:20 +0100
commit	3a56ef719f0b9682afb8a86d64b2399e36faa4e6 (patch)
tree	c3e6b7d83ea115d0fad007d36fdf3691aec1e071 /tools/perf/scripts/python/libxed.py
parent	dd2ac1d6d4954522c67279e42e7069b91f67f151 (diff)

Bluetooth: stop proccessing malicious adv data

Syzbot reported slab-out-of-bounds read in hci_le_adv_report_evt(). The problem was in missing validaion check. We should check if data is not malicious and we can read next data block. If we won't check ptr validness, code can read a way beyond skb->end and it can cause problems, of course. Fixes: e95beb414168 ("Bluetooth: hci_le_adv_report_evt code refactoring") Reported-and-tested-by: [email protected] Signed-off-by: Pavel Skripkin <[email protected]> Signed-off-by: Marcel Holtmann <[email protected]>

Diffstat (limited to 'tools/perf/scripts/python/libxed.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: