]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core.git/commit
projects / thirdparty / openembedded / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: e9e3c39) | patch
bluez5: fix CVE-2022-0204
authorRalph Siemsen <ralph.siemsen@linaro.org>
Fri, 1 Apr 2022 01:13:33 +0000 (21:13 -0400)
committerSteve Sakoman <steve@sakoman.com>
Mon, 4 Apr 2022 14:22:32 +0000 (04:22 -1000)
commit058dec11cc6580212c6d4560d0f0e5b704d501dc
treec985e9858fcdf11db61d9dd3604ed0546adee7ddtree
parente9e3c3969544d18f0da90a10156c40da84d5b549commit | diff
bluez5: fix CVE-2022-0204

Fix heap overflow when appending prepare writes

The code shall check if the prepare writes would append more the
allowed maximum attribute length.

Upstream-Status: Backport [https://github.com/bluez/bluez/commit/591c546c536b42bef696d027f64aa22434f8c3f0]
CVE: CVE-2022-0204

Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
meta/recipes-connectivity/bluez5/bluez5.inc diff | blob | blame | history
meta/recipes-connectivity/bluez5/bluez5/CVE-2022-0204.patch [new file with mode: 0644] blob
Mirror of git://git.openembedded.org/openembedded-core