iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,216,271 Commits 104 Branches 1,843 Tags
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Lee, Chun-Yi 1ffc6f8cc3 Bluetooth: Reject connection with the device which has same BD_ADDR 
This change is used to relieve CVE-2020-26555. The description of
the CVE:

Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification
1.0B through 5.2 may permit an unauthenticated nearby device to spoof
the BD_ADDR of the peer device to complete pairing without knowledge
of the PIN. [1]

The detail of this attack is in IEEE paper:
BlueMirror: Reflections on Bluetooth Pairing and Provisioning Protocols
[2]

It's a reflection attack. The paper mentioned that attacker can induce
the attacked target to generate null link key (zero key) without PIN
code. In BR/EDR, the key generation is actually handled in the controller
which is below HCI.

A condition of this attack is that attacker should change the
BR_ADDR of his hacking device (Host B) to equal to the BR_ADDR with
the target device being attacked (Host A).

Thus, we reject the connection with device which has same BD_ADDR
both on HCI_Create_Connection and HCI_Connection_Request to prevent
the attack. A similar implementation also shows in btstack project.
[3][4]

Cc: stable@vger.kernel.org
Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26555 [1]
Link: https://ieeexplore.ieee.org/abstract/document/9474325/authors#authors [2]
Link: https://github.com/bluekitchen/btstack/blob/master/src/hci.c#L3523 [3]
Link: https://github.com/bluekitchen/btstack/blob/master/src/hci.c#L7297 [4]
Signed-off-by: Lee, Chun-Yi <jlee@suse.com>
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
2023-10-11 11:16:24 -07:00
arch
bpf-for-netdev
2023-10-10 19:59:49 -07:00
block
block: fix kernel-doc for disk_force_media_change()
2023-09-26 00:43:34 -06:00
certs
certs: Reference revocation list for all keyrings
2023-08-17 20:12:41 +00:00
crypto
crypto: sm2 - Fix crash caused by uninitialized context
2023-09-20 13:10:10 +08:00
Documentation
Couple of small fixes, including:
2023-10-05 11:03:20 -07:00
drivers
Bluetooth: vhci: Fix race when opening vhci device
2023-10-11 11:12:08 -07:00
fs
overlayfs fixes for 6.6-rc5
2023-10-05 10:56:18 -07:00
include
net: skbuff: fix kernel-doc typos
2023-10-10 19:35:54 -07:00
init
workqueue: Changes for v6.6
2023-09-01 16:06:32 -07:00
io_uring
io_uring/fs: remove sqe->rw_flags checking from LINKAT
2023-09-29 03:07:09 -06:00
ipc
Add x86 shadow stack support
2023-08-31 12:20:12 -07:00
kernel
bpf: Fix verifier log for async callback return values
2023-10-09 23:10:58 +02:00
lib
maple_tree: add MAS_UNDERFLOW and MAS_OVERFLOW states
2023-09-29 17:20:46 -07:00
LICENSES
LICENSES: Add the copyleft-next-0.3.1 license
2022-11-08 15:44:01 +01:00
mm
Fourteen hotfixes, eleven of which are cc:stable. The remainder pertain
2023-10-01 13:33:25 -07:00
net
Bluetooth: Reject connection with the device which has same BD_ADDR
2023-10-11 11:16:24 -07:00
rust
Documentation work keeps chugging along; stuff for 6.6 includes:
2023-08-30 20:05:42 -07:00
samples
VFIO updates for v6.6-rc1
2023-08-30 20:36:01 -07:00
scripts
kbuild: remove stale code for 'source' symlink in packaging scripts
2023-10-01 23:06:06 +09:00
security
ima: rework CONFIG_IMA dependency block
2023-09-27 11:52:12 -04:00
sound
ASoC: Fixes for v6.6
2023-09-20 15:02:16 +02:00
tools
selftests/bpf: Add testcase for async callback return value failure
2023-10-09 23:11:17 +02:00
usr
initramfs: Encode dependency on KBUILD_BUILD_TIMESTAMP
2023-06-06 17:54:49 +09:00
virt
ARM:
2023-09-07 13:52:20 -07:00
.clang-format
iommu: Add for_each_group_device()
2023-05-23 08:15:51 +02:00
.cocciconfig
.get_maintainer.ignore
get_maintainer: add Alan to .get_maintainer.ignore
2022-08-20 15:17:44 -07:00
.gitattributes
.gitattributes: set diff driver for Rust source code files
2023-05-31 17:48:25 +02:00
.gitignore
kbuild: rpm-pkg: rename binkernel.spec to kernel.spec
2023-07-25 00:59:33 +09:00
.mailmap
MAINTAINERS: update Matthieu's email address
2023-10-05 09:34:32 -07:00
.rustfmt.toml
rust: add .rustfmt.toml
2022-09-28 09:02:20 +02:00
COPYING
CREDITS
USB: Remove Wireless USB and UWB documentation
2023-08-09 14:17:32 +02:00
Kbuild
Kbuild updates for v6.1
2022-10-10 12:00:45 -07:00
Kconfig
kbuild: ensure full rebuild when the compiler is updated
2020-05-12 13:28:33 +09:00
MAINTAINERS
Including fixes from Bluetooth, netfilter, BPF and WiFi.
2023-10-05 11:29:21 -07:00
Makefile
Linux 6.6-rc4
2023-10-01 14:15:13 -07:00
README

README 

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.
Description
No description provided
Readme 5.7 GiB
Languages
C 97.6%
Assembly 1%
Shell 0.5%
Python 0.3%
Makefile 0.3%