iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/net
History
Luiz Augusto von Dentz 36919a82f3 Bluetooth: L2CAP: Fix attempting to access uninitialized memory 
commit b1a2cd50c0357f243b7435a732b4e62ba3157a2e upstream.

On l2cap_parse_conf_req the variable efs is only initialized if
remote_efs has been set.

CVE: CVE-2022-42895
CC: stable@vger.kernel.org
Reported-by: Tamás Koczka <poprdi@google.com>
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Reviewed-by: Tedd Ho-Jeong An <tedd.an@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-11-10 17:46:54 +01:00
..
6lowpan
6lowpan: Off by one handling ->nexthdr
2020-01-27 14:50:41 +01:00
9p
net/9p: Initialize the iounit field during fid creation
2022-08-25 11:15:32 +02:00
802
net/802/garp: fix memleak in garp_request_join()
2021-07-31 08:22:37 +02:00
8021q
net: vlan: avoid leaks on register_vlan_dev() failures
2021-01-17 14:04:19 +01:00
appletalk
appletalk: Fix skb allocation size in loopback case
2021-04-07 12:48:49 +02:00
atm
net/atm: fix proc_mpc_write incorrect return value
2022-11-03 23:52:26 +09:00
ax25
ax25: Fix UAF bugs in ax25 timers
2022-04-27 13:39:46 +02:00
batman-adv
batman-adv: Don't skb_split skbuffs with frag_list
2022-05-18 09:42:47 +02:00
bluetooth
Bluetooth: L2CAP: Fix attempting to access uninitialized memory
2022-11-10 17:46:54 +01:00
bpf
bpfilter
signal/bpfilter: Fix bpfilter_kernl to use send_sig not force_sig
2020-01-27 14:50:51 +01:00
bridge
netfilter: ebtables: fix memory leak when blob is malformed
2022-09-28 11:02:56 +02:00
caif
net-caif: avoid user-triggerable WARN_ON(1)
2021-09-22 11:48:11 +02:00
can
can: bcm: check the result of can_send() in bcm_can_tx()
2022-10-26 13:19:37 +02:00
ceph
libceph: clear con->out_msg on Policy::stateful_server faults
2020-11-05 11:08:53 +01:00
core
net, neigh: Fix null-ptr-deref in neigh_table_clear()
2022-11-10 17:46:53 +01:00
dcb
net: dcb: disable softirqs in dcbnl_flush_dev()
2022-03-08 19:04:10 +01:00
dccp
dccp: put dccp_qpolicy_full() and dccp_qpolicy_push() in the same lock
2022-08-25 11:15:13 +02:00
decnet
net: decnet: Fix sleeping inside in af_decnet
2021-07-28 11:13:48 +02:00
dns_resolver
KEYS: Don't write out to userspace while holding key semaphore
2020-04-23 10:30:24 +02:00
dsa
net: dsa: Add missing of_node_put() in dsa_port_parse_of
2022-03-23 09:10:44 +01:00
ethernet
net: add annotations on hh->hh_len lockless accesses
2020-01-09 10:19:09 +01:00
hsr
hsr: use netdev_err() instead of WARN_ONCE()
2021-05-22 10:59:24 +02:00
ieee802154
net: ieee802154: fix error return code in dgram_bind()
2022-11-03 23:52:30 +09:00
ife
ipv4
tcp: fix indefinite deferral of RTO with SACK reneging
2022-11-03 23:52:31 +09:00
ipv6
ipv6: fix WARNING in ip6_route_net_exit_late()
2022-11-10 17:46:53 +01:00
iucv
net/af_iucv: set correct sk_protocol for child sockets
2020-12-08 10:18:52 +01:00
kcm
kcm: annotate data-races around kcm->rx_wait
2022-11-03 23:52:31 +09:00
key
af_key: Do not call xfrm_probe_algs in parallel
2022-09-05 10:26:29 +02:00
l2tp
ipv6: Fix signed integer overflow in l2tp_ip6_sendmsg
2022-06-25 11:49:15 +02:00
l3mdev
lapb
net: lapb: Copy the skb before sending a packet
2021-02-10 09:21:06 +01:00
llc
llc: only change llc->dev when bind() succeeds
2022-03-28 08:41:44 +02:00
mac80211
wifi: mac80211: allow bw change during channel switch in mesh
2022-10-26 13:19:24 +02:00
mac802154
mac802154: Fix LQI recording
2022-11-03 23:52:28 +09:00
mpls
net: mpls: Fix notifications when deleting a device
2021-12-08 08:50:13 +01:00
ncsi
net/ncsi: Avoid channel_monitor hrtimer deadlock
2021-04-14 08:22:35 +02:00
netfilter
ipvs: fix WARNING in ip_vs_app_net_cleanup()
2022-11-10 17:46:52 +01:00
netlabel
net: fix NULL pointer reference in cipso_v4_doi_free
2021-09-22 11:48:09 +02:00
netlink
netlink: do not reset transport header in netlink_recvmsg()
2022-05-18 09:42:47 +02:00
netrom
netrom: Decrease sock refcount when sock timers expire
2021-07-28 11:13:48 +02:00
nfc
NFC: NULL out the dev->rfkill to prevent UAF
2022-06-14 16:59:20 +02:00
nsh
openvswitch
openvswitch: switch from WARN to pr_warn
2022-11-03 23:52:33 +09:00
packet
net/packet: fix packet_sock xmit return value checking
2022-04-27 13:39:43 +02:00
phonet
phonet: refcount leak in pep_sock_accep
2022-01-11 13:58:50 +01:00
psample
net: psample: fix skb_over_panic
2019-12-05 09:21:30 +01:00
qrtr
net: qrtr: fix another OOB Read in qrtr_endpoint_post
2021-09-03 09:58:00 +02:00
rds
net: rds: don't hold sock lock when cancelling work from rds_tcp_reset_callbacks()
2022-10-26 13:19:26 +02:00
rfkill
rfkill: Fix incorrect check to avoid NULL pointer dereference
2020-01-12 12:17:17 +01:00
rose
rose: Fix NULL pointer dereference in rose_send_frame()
2022-11-10 17:46:52 +01:00
rxrpc
rxrpc: Fix local destruction being repeated
2022-09-28 11:02:52 +02:00
sched
net: sched: Fix use after free in red_enqueue()
2022-11-10 17:46:52 +01:00
sctp
sctp: handle the error returned from sctp_auth_asoc_init_active_key
2022-10-26 13:19:26 +02:00
smc
net/smc: Remove redundant refcount increase
2022-09-15 12:17:03 +02:00
strparser
sunrpc
SUNRPC: use _bh spinlocking on ->transport_lock
2022-09-15 12:17:06 +02:00
switchdev
tipc
tipc: fix a null-ptr-deref in tipc_topsrv_accept
2022-11-03 23:52:30 +09:00
tls
net/tls: Fix race in TLS device down flow
2022-07-29 17:10:32 +02:00
unix
af_unix: Fix a data-race in unix_dgram_peer_wake_me().
2022-06-14 16:59:35 +02:00
vmw_vsock
vhost/vsock: Use kvmalloc/kvfree for larger packets.
2022-10-26 13:19:26 +02:00
wimax
wireless
wifi: cfg80211: debugfs: fix return type in ht40allow_map_read()
2022-09-15 12:17:02 +02:00
x25
net/x25: Fix null-ptr-deref caused by x25_disconnect
2022-04-15 14:14:53 +02:00
xdp
xsk: Simplify detection of empty and full rings
2021-05-22 10:59:48 +02:00
xfrm
xfrm: Update ipcomp_scratches with NULL when freed
2022-10-26 13:19:37 +02:00
compat.c
net: Return the correct errno code
2021-06-30 08:48:13 -04:00
Kconfig
Makefile
net: split out functions related to registering inflight socket files
2021-07-31 08:22:37 +02:00
socket.c
net: Fix a data-race around sysctl_somaxconn.
2022-09-05 10:26:31 +02:00
sysctl_net.c