From: Haoxiang Li <haoxiang_li2024@xxxxxxx>
commit f2176a07e7b19f73e05c805cf3d130a2999154cb upstream.
Add check for the return value of mgmt_alloc_skb() in
mgmt_remote_name() to prevent null pointer dereference.
Fixes: ba17bb62ce41 ("Bluetooth: Fix skb allocation in mgmt_remote_name() & mgmt_device_connected()")
Cc: stable@xxxxxxxxxxxxxxx
Signed-off-by: Haoxiang Li <haoxiang_li2024@xxxxxxx>
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@xxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
net/bluetooth/mgmt.c | 2 ++
1 file changed, 2 insertions(+)
--- a/net/bluetooth/mgmt.c
+++ b/net/bluetooth/mgmt.c
@@ -10514,6 +10514,8 @@ void mgmt_remote_name(struct hci_dev *hd
skb = mgmt_alloc_skb(hdev, MGMT_EV_DEVICE_FOUND,
sizeof(*ev) + (name ? eir_precalc_len(name_len) : 0));
+ if (!skb)
+ return;
ev = skb_put(skb, sizeof(*ev));
bacpy(&ev->addr.bdaddr, bdaddr);
Patches currently in stable-queue which might be from haoxiang_li2024@xxxxxxx are
queue-6.1/bluetooth-add-check-for-mgmt_alloc_skb-in-mgmt_device_connected.patch
queue-6.1/rapidio-add-check-for-rio_add_net-in-rio_scan_alloc_net.patch
queue-6.1/rapidio-fix-an-api-misues-when-rio_add_net-fails.patch
queue-6.1/bluetooth-add-check-for-mgmt_alloc_skb-in-mgmt_remote_name.patch
