Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bluetooth: L2CAP: Access uninitialized memory #231

Open
hucarxiao opened this issue Dec 13, 2023 · 0 comments
Open

Bluetooth: L2CAP: Access uninitialized memory #231

hucarxiao opened this issue Dec 13, 2023 · 0 comments

Comments

@hucarxiao
Copy link

hucarxiao commented Dec 13, 2023

Version
latest

What is the security issue or vulnerability?
net/bluetooth/l2cap_core.c:
There is an infoleak vulnerability in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_parse_conf_req function which can be used to leak kernel pointers remotely.
3520 line : if (test_bit(FLAG_EFS_ENABLE, &chan->flags))

Security issue or vulnerability information
description:https://nvd.nist.gov/vuln/detail/CVE-2022-42895

commit:torvalds/linux@b1a2cd5

Could you apply for another new CVE?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant