bluez5: fix out-of-bounds access in SDP server (CVE-2017-1000250) - linux/poky.git

diff options

author	Ross Burton <ross.burton@intel.com>	2017-09-13 16:59:09 +0100
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2018-01-07 17:07:57 +0000
commit	4992fc465d074ca04552080bf45d4efbfd61958e (patch)
tree	07f82a368238d7afa12c145cc7954a099c74cc98 /scripts
parent	2b3db17bd855eb10bbb25fed8697167494ff575a (diff)
download	poky-4992fc465d074ca04552080bf45d4efbfd61958e.tar.gz

bluez5: fix out-of-bounds access in SDP server (CVE-2017-1000250)

All versions of the SDP server in BlueZ 5.46 and earlier are vulnerable to an information disclosure vulnerability which allows remote attackers to obtain sensitive information from the bluetoothd process memory. This vulnerability lies in the processing of SDP search attribute requests. (From OE-Core rev: d25716ceb3ffcdfcfa54516596bd94bf5c050bac) (From OE-Core rev: c8f4cd337b9cc5c5c3fc40c6a6d8d2394fdc9ea3) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'scripts')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: