Hi Johan, > The Add Advertising command handler does the appropriate checks for > the AD and Scan Response data, however fails to take into account the > general length of the mgmt command itself, which could lead to > potential buffer overflows. This patch adds the necessary check that > the mgmt command length is consistent with the given ad and scan_rsp > lengths. > > Signed-off-by: Johan Hedberg <johan.hedberg@xxxxxxxxx> > --- > net/bluetooth/mgmt.c | 4 ++++ > 1 file changed, 4 insertions(+) patch has been applied to bluetooth-next tree. Regards Marcel -- To unsubscribe from this list: send the line "unsubscribe linux-bluetooth" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
