blob: 9ce031aec167e99d4f3604e05f21c6397ec6d60c (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
|
Description: bluetooth: hci_uart: 0x0 address execution as nonprivileged user
References:
https://www.openwall.com/lists/oss-security/2019/07/25/1
https://lore.kernel.org/linux-bluetooth/20190725120909.31235-1-vdronov@redhat.com/T/#u
Notes:
bwh> For hci_ath, this was introduced in Linux 2.6.36 by commit
bwh> b3190df62861 "Bluetooth: Support for Atheros AR300x serial chip".
bwh> For hci_uart, this was introduced in Linux 4.2 by commit
bwh> 2a973dfada2b "Bluetooth: hci_uart: Add new line discipline
bwh> enhancements".
Bugs:
upstream: released (5.3-rc3) [b36a1552d7319bbfd5cf7f08726c23c5c66d4f73]
4.19-upstream-stable: released (4.19.64) [56966212e23f82ced10831f7cca02f7339147428]
4.9-upstream-stable: released (4.9.187) [58a01b0bd8ea5fddb51d4d854bb149a1a7312c12]
3.16-upstream-stable: released (3.16.72) [ebb8302ce770e8c455d9209cb598f4cd03021e42]
sid: released (5.2.6-1)
4.19-buster-security: released (4.19.37-5+deb10u2) [bugfix/all/Bluetooth-hci_uart-check-for-missing-tty-operations.patch]
4.9-stretch-security: released (4.9.168-1+deb9u5) [bugfix/all/bluetooth-hci_uart-check-for-missing-tty-operations.patch]
3.16-jessie-security: released (3.16.72-1)
|
