Kernel/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2025-01-19 12:00:00 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
linux-stable/net/bluetooth
History
Ignat Korchagin 7c4f78cdb8 Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() 
bt_sock_alloc() allocates the sk object and attaches it to the provided
sock object. On error l2cap_sock_alloc() frees the sk object, but the
dangling pointer is still attached to the sock object, which may create
use-after-free in other code.

Signed-off-by: Ignat Korchagin <ignat@cloudflare.com>
Reviewed-by: Kuniyuki Iwashima <kuniyu@amazon.com>
Reviewed-by: Eric Dumazet <edumazet@google.com>
Link: https://patch.msgid.link/20241014153808.51894-3-ignat@cloudflare.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2024-10-15 18:43:07 -07:00
..
bnep
move asm/unaligned.h to linux/unaligned.h
2024-10-02 17:23:23 -04:00
cmtp
Bluetooth: CMTP: Mark BT_CMTP as DEPRECATED
2024-09-10 13:07:08 -04:00
hidp
Bluetooth: Init sk_peer_* on bt_sock_alloc
2023-08-11 11:37:22 -07:00
rfcomm
Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change
2024-10-04 16:54:10 -04:00
6lowpan.c
ipv6: introduce dst_rt6_info() helper
2024-04-29 13:32:01 +01:00
af_bluetooth.c
Bluetooth: af_bluetooth: Fix deadlock
2024-03-06 17:26:25 -05:00
aosp.c
Bluetooth: Fix null pointer deref on unexpected status event
2022-08-08 17:04:37 -07:00
aosp.h
Bluetooth: aosp: Support AOSP Bluetooth Quality Report
2021-11-02 19:37:52 +01:00
coredump.c
move asm/unaligned.h to linux/unaligned.h
2024-10-02 17:23:23 -04:00
ecdh_helper.c
Bluetooth: Use crypto_wait_req
2023-02-13 18:34:48 +08:00
ecdh_helper.h
eir.c
Bluetooth: Fix eir name length
2024-03-08 10:22:17 -05:00
eir.h
move asm/unaligned.h to linux/unaligned.h
2024-10-02 17:23:23 -04:00
hci_codec.c
Bluetooth: Fix support for Read Local Supported Codecs V2
2022-12-02 13:09:31 -08:00
hci_codec.h
hci_conn.c
Bluetooth: hci_conn: Fix UAF in hci_enhanced_setup_sync
2024-10-04 16:54:17 -04:00
hci_core.c
Including fixes from ieee802154, bluetooth and netfilter.
2024-10-03 09:44:00 -07:00
hci_debugfs.c
Bluetooth: Remove hci_request.{c,h}
2024-07-15 10:11:35 -04:00
hci_debugfs.h
hci_event.c
Including fixes from ieee802154, bluetooth and netfilter.
2024-10-03 09:44:00 -07:00
hci_sock.c
move asm/unaligned.h to linux/unaligned.h
2024-10-02 17:23:23 -04:00
hci_sync.c
Bluetooth: hci_sync: Ignore errors from HCI_OP_REMOTE_NAME_REQ_CANCEL
2024-09-10 13:07:24 -04:00
hci_sysfs.c
Bluetooth: Fix double free in hci_conn_cleanup
2023-10-23 11:05:11 -07:00
iso.c
Bluetooth: iso: remove unused struct 'iso_list_data'
2024-07-14 21:34:31 -04:00
Kconfig
Bluetooth: Remove BT_HS
2024-03-06 17:22:39 -05:00
l2cap_core.c
Bluetooth: L2CAP: Fix uaf in l2cap_connect
2024-09-27 10:52:18 -04:00
l2cap_sock.c
Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create()
2024-10-15 18:43:07 -07:00
leds.c
Bluetooth: Use led_set_brightness() in LED trigger activate() callback
2024-09-10 13:06:11 -04:00
leds.h
lib.c
Bluetooth: Add documentation to exported functions in lib
2023-12-22 12:54:55 -05:00
Makefile
Bluetooth: Remove hci_request.{c,h}
2024-07-15 10:11:35 -04:00
mgmt_config.c
mgmt_config.h
mgmt_util.c
move asm/unaligned.h to linux/unaligned.h
2024-10-02 17:23:23 -04:00
mgmt_util.h
Bluetooth: Fix a buffer overflow in mgmt_mesh_add()
2023-01-17 15:50:10 -08:00
mgmt.c
Including fixes from ieee802154, bluetooth and netfilter.
2024-10-03 09:44:00 -07:00
msft.c
Bluetooth: Remove hci_request.{c,h}
2024-07-15 10:11:35 -04:00
msft.h
Bluetooth: msft: fix slab-use-after-free in msft_do_close()
2024-05-03 13:05:28 -04:00
sco.c
net-accept-more-20240515
2024-05-18 10:32:39 -07:00
selftest.c
selftest.h
smp.c
Revert "Bluetooth: MGMT/SMP: Fix address type when using SMP over BREDR/LE"
2024-08-30 17:56:53 -04:00
smp.h