Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM - starfive-tech/linux.git - StarFive Tech Linux Kernel for VisionFive (JH7110) boards (mirror)

diff options

author	Luiz Augusto von Dentz <luiz.von.dentz@intel.com>	2022-11-01 02:10:32 +0300
committer	Luiz Augusto von Dentz <luiz.von.dentz@intel.com>	2022-11-03 02:36:59 +0300
commit	711f8c3fb3db61897080468586b970c87c61d9e4 (patch)
tree	cedd21a4c8b64b3ae4587293046b9f72d166c886 /kernel
parent	5638d9ea9c01c77fc11693d48cf719bc7e88f224 (diff)
download	linux-711f8c3fb3db61897080468586b970c87c61d9e4.tar.xz

Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM

The Bluetooth spec states that the valid range for SPSM is from 0x0001-0x00ff so it is invalid to accept values outside of this range: BLUETOOTH CORE SPECIFICATION Version 5.3 | Vol 3, Part A page 1059: Table 4.15: L2CAP_LE_CREDIT_BASED_CONNECTION_REQ SPSM ranges CVE: CVE-2022-42896 CC: stable@vger.kernel.org Reported-by: Tamás Koczka <poprdi@google.com> Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com> Reviewed-by: Tedd Ho-Jeong An <tedd.an@intel.com>

Diffstat (limited to 'kernel')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: