git.ipfire.org Git - thirdparty/kernel/stable.git/commit

]> git.ipfire.org Git - thirdparty/kernel/stable.git/commit

projects / thirdparty / kernel / stable.git / commit

author	Johan Hovold <johan+linaro@kernel.org>
	Wed, 1 May 2024 12:34:52 +0000 (14:34 +0200)
committer	Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
	Fri, 3 May 2024 17:05:32 +0000 (13:05 -0400)
commit	cda0d6a198e2a7ec6f176c36173a57bdd8af7af2
tree	ca23cfe2b4010de13158244afc683cbd9475a6ab	tree \| snapshot
parent	dd336649ba89789c845618dcbc09867010aec673	commit \| diff

Bluetooth: qca: fix info leak when fetching fw build id

Add the missing sanity checks and move the 255-byte build-id buffer off
the stack to avoid leaking stack data through debugfs in case the
build-info reply is malformed.

Fixes: c0187b0bd3e9 ("Bluetooth: btqca: Add support to read FW build version for WCN3991 BTSoC")
Cc: stable@vger.kernel.org # 5.12
Signed-off-by: Johan Hovold <johan+linaro@kernel.org>
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>

drivers/bluetooth/btqca.c		diff \| blob \| blame \| history
drivers/bluetooth/btqca.h		diff \| blob \| blame \| history

Mirror https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

RSS Atom