| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20210701210645.GA14471@PWN>
Date: Thu, 1 Jul 2021 17:06:45 -0400
From: Peilin Ye <yepeilin.cs@...il.com>
To: Alexander Larkin <avlarkin82@...il.com>
Cc: davem@...emloft.net, johan.hedberg@...il.com, kuba@...nel.org,
linux-bluetooth@...r.kernel.org,
linux-kernel-mentees@...ts.linuxfoundation.org,
linux-kernel@...r.kernel.org, linux@...linux.org.uk,
marcel@...tmann.org, netdev@...r.kernel.org,
syzkaller-bugs@...glegroups.com
Subject: Re: maybe similar bug exists for HCI_EV_INQUIRY_RESULT* like
[Linux-kernel-mentees] [PATCH v2] net/bluetooth: slab-out-of-bounds read in
hci_extended_inquiry_result_evt()
On Thu, Jul 01, 2021 at 06:39:36PM +0300, Alexander Larkin wrote:
> For the net/bluetooth/hci_event.c , maybe similar bug could be inside
> hci_inquiry_result_with_rssi_evt() that is HCI_EV_INQUIRY_RESULT_WITH_RSSI
> and inside hci_inquiry_result_evt() that is HCI_EV_INQUIRY_RESULT.
Hi Alexander,
Thanks for looking into this, I believe they were handled in commit
629b49c848ee ("Bluetooth: Prevent out-of-bounds read in
hci_inquiry_result_with_rssi_evt()") and commit 75bbd2ea50ba ("Bluetooth:
Prevent out-of-bounds read in hci_inquiry_result_evt()").
Thanks,
Peilin Ye
Powered by blists - more mailing lists