bluez5: fix out-of-bounds access in SDP server (CVE-2017-1000250) - linux/poky.git

diff options

author	Ross Burton <ross.burton@intel.com>	2017-09-14 13:27:53 +0100
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2017-10-10 17:27:39 +0100
commit	064ddc1652ab8b73dc454ba24c3ed363508954d0 (patch)
tree	5fb954433c5e0bae0827fc41136d10989e906cc4 /meta/classes
parent	493b1c9aeaeb60440085bb3692e9362a87553bce (diff)
download	poky-064ddc1652ab8b73dc454ba24c3ed363508954d0.tar.gz

bluez5: fix out-of-bounds access in SDP server (CVE-2017-1000250)

All versions of the SDP server in BlueZ 5.46 and earlier are vulnerable to an information disclosure vulnerability which allows remote attackers to obtain sensitive information from the bluetoothd process memory. This vulnerability lies in the processing of SDP search attribute requests. (From OE-Core rev: 8878d599cbc48b700f393d94657fe39db06fd533) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'meta/classes')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: