| commit | d4ea7f9f5554d94dcb8a630f470c724d05e8f112 | |
| author | Marcel Holtmann <marcel@holtmann.org> | |
| Mon, 11 Dec 2006 14:18:24 +0000 (11 15:18 +0100) | ||
| committer | Chris Wright <chrisw@sous-sol.org> | |
| Wed, 10 Jan 2007 19:05:19 +0000 (10 11:05 -0800) | ||
| tree | 431d78b90b31201d6375609a5e7365503a5d3f7d | treesnapshot (tar.gz zip) |
| parent | f73237921bbbffaf0e338ef018726980a5483baa | commitdiff |
[PATCH] Bluetooth: Add packet size checks for CAPI messages (CVE-2006-6106)
With malformed packets it might be possible to overwrite internal
CMTP and CAPI data structures. This patch adds additional length
checks to prevent these kinds of remote attacks.
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Chris Wright <chrisw@sous-sol.org>
With malformed packets it might be possible to overwrite internal
CMTP and CAPI data structures. This patch adds additional length
checks to prevent these kinds of remote attacks.
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Chris Wright <chrisw@sous-sol.org>
| net/bluetooth/cmtp/capi.c | diffblobblamehistory |