git.alex.org.uk - linux-flexiantxendom0-natty.git/commit

author	Filip Palian <s3810@pjwstk.edu.pl>
	Fri, 5 Aug 2011 10:48:56 +0000 (11:48 +0100)
committer	Herton Ronaldo Krzesinski <herton.krzesinski@canonical.com>
	Mon, 29 Aug 2011 19:23:09 +0000 (16:23 -0300)
commit	a7945fcdfd696463783b76e618a185541216f6be
tree	790d63e245e6d6c60af0c5a45bd66bba00ce99d6	tree \| snapshot
parent	0c23994bcfe8f2c5a90f3cfbc452e9953fe00e17	commit \| diff

Bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace.

Structures "l2cap_conninfo" and "rfcomm_conninfo" have one padding
byte each. This byte in "cinfo" is copied to userspace uninitialized.

Signed-off-by: Filip Palian <filip.palian@pjwstk.edu.pl>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>

(backported from commit 8d03e971cf403305217b8e62db3a2e5ad2d6263f)
CVE-2011-2492
BugLink: http://bugs.launchpad.net/bugs/819569
Acked-by: Stefan Bader <stefan.bader@canonical.com>
Acked-by: Leann Ogasawara <leann.ogasawara@canonical.com>
Signed-off-by: Andy Whitcroft <apw@canonical.com>

net/bluetooth/l2cap.c		diff \| blob \| history
net/bluetooth/rfcomm/sock.c		diff \| blob \| history