Hi Young, > Struct ca is copied from userspace. It is not checked whether the "name" > field is NULL terminated, which allows local users to obtain potentially > sensitive information from kernel stack memory, via a HIDPCONNADD command. > > This vulnerability is similar to CVE-2011-1079. > > Signed-off-by: Young Xiao <YangX92@xxxxxxxxxxx> > --- > net/bluetooth/hidp/sock.c | 1 + > 1 file changed, 1 insertion(+) patch has been applied to bluetooth-next tree. Regards Marcel
