iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/net
History
Luiz Augusto von Dentz 3e4697ffdf Bluetooth: L2CAP: Fix attempting to access uninitialized memory 
commit b1a2cd50c0357f243b7435a732b4e62ba3157a2e upstream.

On l2cap_parse_conf_req the variable efs is only initialized if
remote_efs has been set.

CVE: CVE-2022-42895
CC: stable@vger.kernel.org
Reported-by: Tamás Koczka <poprdi@google.com>
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Reviewed-by: Tedd Ho-Jeong An <tedd.an@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-11-10 18:15:36 +01:00
..
6lowpan
9p
net/9p: Initialize the iounit field during fid creation
2022-08-17 14:24:23 +02:00
802
net: 802: remove dead leftover after ipx driver removal
2021-08-13 16:30:35 -07:00
8021q
net: use eth_hw_addr_set() instead of ether_addr_copy()
2022-08-31 17:16:37 +02:00
appletalk
atm
net/atm: fix proc_mpc_write incorrect return value
2022-10-29 10:12:55 +02:00
ax25
net: ax25: Fix deadlock caused by skb_recv_datagram in ax25_recvmsg
2022-06-22 14:22:01 +02:00
batman-adv
batman-adv: Use netif_rx_any_context() any.
2022-07-29 17:25:07 +02:00
bluetooth
Bluetooth: L2CAP: Fix attempting to access uninitialized memory
2022-11-10 18:15:36 +01:00
bpf
bpf: Don't redirect packets with invalid pkt_len
2022-09-05 10:30:07 +02:00
bpfilter
bridge
netfilter: ebtables: fix memory leak when blob is malformed
2022-09-28 11:11:52 +02:00
caif
net-caif: avoid user-triggerable WARN_ON(1)
2021-09-14 12:51:15 +01:00
can
can: j1939: transport: j1939_session_skb_drop_old(): spin_unlock_irqrestore() before kfree_skb()
2022-11-03 23:59:10 +09:00
ceph
libceph: fix potential use-after-free on linger ping and resends
2022-05-25 09:57:28 +02:00
core
net, neigh: Fix null-ptr-deref in neigh_table_clear()
2022-11-10 18:15:31 +01:00
dcb
net: dcb: disable softirqs in dcbnl_flush_dev()
2022-03-08 19:12:52 +01:00
dccp
dccp: put dccp_qpolicy_full() and dccp_qpolicy_push() in the same lock
2022-08-17 14:23:37 +02:00
decnet
net: Fix data-races around sysctl_[rw]mem(_offset)?.
2022-08-03 12:03:51 +02:00
dns_resolver
dsa
net: dsa: fall back to default tagger if we can't load the one from DT
2022-11-10 18:15:27 +01:00
ethernet
move netdev_boot_setup into Space.c
2021-08-03 13:05:26 +01:00
ethtool
ethtool: eeprom: fix null-deref on genl_info in dump
2022-11-03 23:59:14 +09:00
hsr
net: hsr: avoid possible NULL deref in skb_clone()
2022-10-29 10:12:56 +02:00
ieee802154
net: ieee802154: fix error return code in dgram_bind()
2022-11-03 23:59:14 +09:00
ife
ipv4
nh: fix scope used to find saddr when adding non gw nh
2022-11-03 23:59:19 +09:00
ipv6
ipv6: fix WARNING in ip6_route_net_exit_late()
2022-11-10 18:15:31 +01:00
iucv
net/iucv: Replace deprecated CPU-hotplug functions.
2021-08-09 10:13:32 +01:00
kcm
kcm: do not sense pfmemalloc status in kcm_sendpage()
2022-11-03 23:59:19 +09:00
key
af_key: Do not call xfrm_probe_algs in parallel
2022-08-31 17:16:36 +02:00
l2tp
ipv6: Fix signed integer overflow in l2tp_ip6_sendmsg
2022-06-22 14:21:58 +02:00
l3mdev
l3mdev: l3mdev_master_upper_ifindex_by_index_rcu should be using netdev_master_upper_dev_get_rcu
2022-04-27 14:38:53 +02:00
lapb
llc
llc: only change llc->dev when bind() succeeds
2022-03-28 09:58:46 +02:00
mac80211
wifi: mac80211: allow bw change during channel switch in mesh
2022-10-26 12:34:39 +02:00
mac802154
mac802154: Fix LQI recording
2022-11-03 23:59:12 +09:00
mctp
mctp: Fix check for dev_hard_header() result
2022-04-13 20:59:16 +02:00
mpls
net: Use u64_stats_fetch_begin_irq() for stats fetch.
2022-09-08 12:28:07 +02:00
mptcp
mptcp: Fix crash due to tcp_tsorted_anchor was initialized before release skb
2022-08-31 17:16:50 +02:00
ncsi
net/ncsi: check for error return from call to nla_put_u32
2022-01-05 12:42:37 +01:00
netfilter
netfilter: ipset: enforce documented limit to prevent allocating huge memory
2022-11-10 18:15:30 +01:00
netlabel
netlabel: fix out-of-bounds memory accesses
2022-04-13 20:59:10 +02:00
netlink
net: genl: fix error path memory leak in policy dumping
2022-08-25 11:40:25 +02:00
netrom
netrom: fix api breakage in nr_setsockopt()
2022-01-27 11:04:00 +01:00
nfc
NFC: NULL out the dev->rfkill to prevent UAF
2022-06-09 10:22:46 +02:00
nsh
openvswitch
openvswitch: switch from WARN to pr_warn
2022-11-03 23:59:18 +09:00
packet
net/af_packet: check len when min_header_len equals to 0
2022-09-05 10:30:12 +02:00
phonet
phonet: refcount leak in pep_sock_accep
2022-01-11 15:35:16 +01:00
psample
qrtr
net: qrtr: start MHI channel after endpoit creation
2022-08-25 11:40:29 +02:00
rds
net: rds: don't hold sock lock when cancelling work from rds_tcp_reset_callbacks()
2022-10-26 12:34:49 +02:00
rfkill
rfkill: make new event layout opt-in
2022-04-08 14:23:00 +02:00
rose
rose: Fix NULL pointer dereference in rose_send_frame()
2022-11-10 18:15:29 +01:00
rxrpc
rxrpc: Fix calc of resend age
2022-09-23 14:15:50 +02:00
sched
net: sched: Fix use after free in red_enqueue()
2022-11-10 18:15:28 +01:00
sctp
sctp: handle the error returned from sctp_auth_asoc_init_active_key
2022-10-26 12:34:48 +02:00
smc
net/smc: Fix possible leaked pernet namespace in smc_init()
2022-11-10 18:15:31 +01:00
strparser
bpf: sockmap, strparser, and tls are reusing qdisc_skb_cb and colliding
2021-11-18 19:17:11 +01:00
sunrpc
SUNRPC: Fix null-ptr-deref when xps sysfs alloc failed
2022-11-10 18:15:26 +01:00
switchdev
net: make switchdev_bridge_port_{,unoffload} loosely coupled with the bridge
2021-08-04 12:35:07 +01:00
tipc
tipc: fix a null-ptr-deref in tipc_topsrv_accept
2022-11-03 23:59:15 +09:00
tls
net/tls: Remove the context from the list in tls_device_down
2022-08-03 12:03:47 +02:00
unix
io_uring/af_unix: defer registered files gc to io_uring release
2022-10-26 12:35:52 +02:00
vmw_vsock
vsock: fix possible infinite sleep in vsock_connectible_wait_data()
2022-11-10 18:15:31 +01:00
wireless
wifi: cfg80211: update hidden BSSes to avoid WARN_ON
2022-10-15 07:59:03 +02:00
x25
net/x25: Fix null-ptr-deref caused by x25_disconnect
2022-04-08 14:23:53 +02:00
xdp
xsk: Fix backpressure mechanism on Tx
2022-10-26 12:34:40 +02:00
xfrm
xfrm: Update ipcomp_scratches with NULL when freed
2022-10-26 12:35:34 +02:00
compat.c
devres.c
Kconfig
mctp: Add MCTP base
2021-07-29 15:06:49 +01:00
Makefile
mctp: Add MCTP base
2021-07-29 15:06:49 +01:00
socket.c
net: Fix a data-race around sysctl_somaxconn.
2022-08-31 17:16:45 +02:00
sysctl_net.c