iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/net
History
Luiz Augusto von Dentz 91f48261e7 Bluetooth: hci_event: Fix using memcmp when comparing keys 
[ Upstream commit b541260615f601ae1b5d6d0cc54e790de706303b ]

memcmp is not consider safe to use with cryptographic secrets:

 'Do  not  use memcmp() to compare security critical data, such as
 cryptographic secrets, because the required CPU time depends on the
 number of equal bytes.'

While usage of memcmp for ZERO_KEY may not be considered a security
critical data, it can lead to more usage of memcmp with pairing keys
which could introduce more security problems.

Fixes: 455c2ff0a558 ("Bluetooth: Fix BR/EDR out-of-band pairing with only initiator data")
Fixes: 33155c4aae52 ("Bluetooth: hci_event: Ignore NULL link key")
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2023-10-25 11:16:59 +02:00
..
6lowpan
6lowpan: Off by one handling ->nexthdr
2020-01-27 14:50:41 +01:00
9p
9p: virtio: make sure 'offs' is initialized in zc_request
2023-09-23 10:47:57 +02:00
802
mrp: introduce active flags to prevent UAF when applicant uninit
2023-01-18 11:30:36 +01:00
8021q
vlan: fix a potential uninit-value in vlan_dev_hard_start_xmit()
2023-05-30 12:42:11 +01:00
appletalk
appletalk: Fix skb allocation size in loopback case
2021-04-07 12:48:49 +02:00
atm
atm: hide unused procfs functions
2023-06-09 10:24:01 +02:00
ax25
ax25: Fix UAF bugs in ax25 timers
2022-04-27 13:39:46 +02:00
batman-adv
batman-adv: Fix batadv_v_ogm_aggr_send memory leak
2023-08-30 16:31:55 +02:00
bluetooth
Bluetooth: hci_event: Fix using memcmp when comparing keys
2023-10-25 11:16:59 +02:00
bpf
bpf, test_run: Fix alignment problem in bpf_prog_test_run_skb()
2022-11-25 17:40:29 +01:00
bpfilter
signal/bpfilter: Fix bpfilter_kernl to use send_sig not force_sig
2020-01-27 14:50:51 +01:00
bridge
net: bridge: use DEV_STATS_INC()
2023-10-10 21:44:57 +02:00
caif
net: caif: Fix use-after-free in cfusbl_device_notify()
2023-03-17 08:31:44 +01:00
can
can: bcm: Fix UAF in bcm_proc_show()
2023-08-11 11:45:24 +02:00
ceph
libceph: use kernel_connect()
2023-10-25 11:16:51 +02:00
core
net: pktgen: Fix interface flags printing
2023-10-25 11:16:49 +02:00
dcb
net: dcb: disable softirqs in dcbnl_flush_dev()
2022-03-08 19:04:10 +01:00
dccp
dccp: fix dccp_v4_err()/dccp_v6_err() again
2023-10-10 21:45:02 +02:00
decnet
Remove DECnet support from kernel
2023-06-21 15:39:57 +02:00
dns_resolver
KEYS: Don't write out to userspace while holding key semaphore
2020-04-23 10:30:24 +02:00
dsa
net: dsa: Add missing of_node_put() in dsa_port_parse_of
2022-03-23 09:10:44 +01:00
ethernet
net: add annotations on hh->hh_len lockless accesses
2020-01-09 10:19:09 +01:00
hsr
net: hsr: Fix potential use-after-free
2022-12-08 11:18:33 +01:00
ieee802154
net: ieee802154: fix error return code in dgram_bind()
2022-11-03 23:52:30 +09:00
ife
ipv4
tcp: tsq: relax tcp_small_queue_check() when rtx queue contains a single skb
2023-10-25 11:16:47 +02:00
ipv6
net: ipv6: fix return value check in esp_remove_trailer
2023-10-25 11:16:45 +02:00
iucv
net/iucv: Fix size of interrupt data
2023-03-22 13:27:10 +01:00
kcm
kcm: Fix error handling for SOCK_DGRAM in kcm_sendmsg().
2023-09-23 10:48:15 +02:00
key
net: af_key: fix sadb_x_filter validation
2023-08-30 16:31:48 +02:00
l2tp
ipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data()
2023-10-10 21:45:01 +02:00
l3mdev
lapb
net: lapb: Copy the skb before sending a packet
2021-02-10 09:21:06 +01:00
llc
llc: Don't drop packet from non-root netns.
2023-08-11 11:45:26 +02:00
mac80211
wifi: mac80211: allow transmitting EAPOL frames with tainted key
2023-10-25 11:16:57 +02:00
mac802154
mac802154: fix missing INIT_LIST_HEAD in ieee802154_if_add()
2022-12-14 11:28:28 +01:00
mpls
net: mpls: fix stale pointer if allocation fails during device rename
2023-02-22 12:47:21 +01:00
ncsi
net/ncsi: Avoid channel_monitor hrtimer deadlock
2021-04-14 08:22:35 +02:00
netfilter
netfilter: nft_set_rbtree: .deactivate fails if element has expired
2023-10-25 11:16:49 +02:00
netlabel
netlabel: fix shift wrapping bug in netlbl_catmap_setlong()
2023-09-23 10:47:58 +02:00
netlink
netlink: Add __sock_i_ino() for __netlink_diag_dump().
2023-08-11 11:45:07 +02:00
netrom
netrom: Deny concurrent connect().
2023-09-23 10:48:01 +02:00
nfc
nfc: nci: fix possible NULL pointer dereference in send_acknowledge()
2023-10-25 11:16:42 +02:00
nsh
net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment()
2023-05-30 12:42:11 +01:00
openvswitch
net: openvswitch: fix flow memory leak in ovs_flow_cmd_new
2023-02-22 12:47:12 +01:00
packet
net/packet: annotate data-races around tp->status
2023-08-16 18:13:00 +02:00
phonet
phonet: refcount leak in pep_sock_accep
2022-01-11 13:58:50 +01:00
psample
net: psample: fix skb_over_panic
2019-12-05 09:21:30 +01:00
qrtr
net: qrtr: fix another OOB Read in qrtr_endpoint_post
2021-09-03 09:58:00 +02:00
rds
net: prevent address rewrite in kernel_bind()
2023-10-25 11:16:21 +02:00
rfkill
net: rfkill: gpio: prevent value glitch during probe
2023-10-25 11:16:45 +02:00
rose
net/rose: Fix to not accept on connected socket
2023-02-22 12:47:19 +01:00
rxrpc
rxrpc: Fix hard call timeout units
2023-05-17 11:13:24 +02:00
sched
net/sched: sch_hfsc: upgrade 'rt' to 'sc' when it becomes a inner curve
2023-10-25 11:16:48 +02:00
sctp
sctp: update hb timer immediately after users change hb_interval
2023-10-10 21:45:01 +02:00
smc
net/smc: Remove redundant refcount increase
2022-09-15 12:17:03 +02:00
strparser
sunrpc
SUNRPC: Fix UAF in svc_tcp_listen_data_ready()
2023-08-11 11:45:20 +02:00
switchdev
tipc
net: tipc: resize nlattr array to correct size
2023-06-21 15:39:59 +02:00
tls
net/tls: Fix race in TLS device down flow
2022-07-29 17:10:32 +02:00
unix
af_unix: Fix data-race around unix_tot_inflight.
2023-09-23 10:48:13 +02:00
vmw_vsock
vsock: avoid to close connected socket after the timeout
2023-05-30 12:42:10 +01:00
wimax
wireless
wifi: cfg80211: avoid leaking stack data into trace
2023-10-25 11:16:57 +02:00
x25
net/x25: Fix to not accept on connected socket
2023-02-22 12:47:12 +01:00
xdp
xsk: Simplify detection of empty and full rings
2021-05-22 10:59:48 +02:00
xfrm
xfrm: interface: use DEV_STATS_INC()
2023-10-25 11:16:44 +02:00
compat.c
net: Return the correct errno code
2021-06-30 08:48:13 -04:00
Kconfig
Remove DECnet support from kernel
2023-06-21 15:39:57 +02:00
Makefile
Remove DECnet support from kernel
2023-06-21 15:39:57 +02:00
socket.c
net: prevent address rewrite in kernel_bind()
2023-10-25 11:16:21 +02:00
sysctl_net.c