]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 96c573e) | patch
linux-yocto/4.9: bluetooth: CVE-2017-1000251
authorBruce Ashfield <bruce.ashfield@windriver.com>
Thu, 14 Sep 2017 13:47:01 +0000 (09:47 -0400)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Thu, 21 Sep 2017 15:52:06 +0000 (16:52 +0100)
commitcda7f3650deebd8a3a7108a2a2e782ebb661150c
tree3f2d1b6eab071ddcd5d559631d6819e747f2d044tree | snapshot
parent96c573e6e146f7e6366e3543054c87cf9960603ecommit | diff
linux-yocto/4.9: bluetooth: CVE-2017-1000251

Integrating the following commit:

[
    commit 16de0149674ed12d983b77a453852ac2e64584b4
    Author: Ben Seri <ben@armis.com>
    Date:   Sat Sep 9 23:15:59 2017 +0200

    Bluetooth: Properly check L2CAP config option output buffer length

    Validate the output buffer length for L2CAP config requests and
    responses to avoid overflowing the stack buffer used for building the
    option blocks.

Cc: stable@vger.kernel.org
Signed-off-by: Ben Seri <ben@armis.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
]

(From OE-Core rev: a15ec979910a74d4490aecf30aa21fa5c2f4e99d)

Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
meta/recipes-kernel/linux/linux-yocto-rt_4.9.bb diff | blob | history
meta/recipes-kernel/linux/linux-yocto-tiny_4.9.bb diff | blob | history
meta/recipes-kernel/linux/linux-yocto_4.9.bb diff | blob | history
Mirror of the official openembedded-core repository