blob: 3b7b9841e965fbb02498a06dc697ca7912117457 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
|
Description: isdn: cpai: check ctr->cnr to avoid array index out of bound
References:
https://www.openwall.com/lists/oss-security/2021/10/19/1
https://lore.kernel.org/netdev/CAFcO6XOvGQrRTaTkaJ0p3zR7y7nrAWD79r48=L_BbOyrK9X-vA@mail.gmail.com/
Notes:
carnil> Fixed as well in 5.14.15 in 5.14.y.
bwh> This seems to really be a bug in the Bluetooth CMTP subsystem, which has
bwh> been present since that was added in Linux 2.6.2.
Bugs:
upstream: released (5.15-rc6) [1f3e2e97c003f80c4b087092b225c8787ff91e4d]
5.10-upstream-stable: released (5.10.76) [7f221ccbee4ec662e2292d490a43ce6c314c4594]
4.19-upstream-stable: released (4.19.214) [7d91adc0ccb060ce564103315189466eb822cc6a]
4.9-upstream-stable: released (4.9.288) [24219a977bfe3d658687e45615c70998acdbac5a]
sid: released (5.14.16-1)
5.10-bullseye-security: needed
4.19-buster-security: needed
4.9-stretch-security: pending (4.9.290-1)
|
