References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Change History

https://git.kernel.org/stable/c/8e605f580a97530e5a3583beea458a3fa4cbefbd

https://git.kernel.org/stable/c/a9a7672fc1a0fe18502493936ccb06413ab89ea6

https://git.kernel.org/stable/c/cf601a24120c674cd7c907ea695f92617af6abd0

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc

A NULL sock pointer is passed into l2cap_sock_alloc() when it is called
from l2cap_sock_new_connection_cb() and the error handling paths should
also be aware of it.

Seemingly a more elegant solution would be to swap bt_sock_alloc() and
l2cap_chan_create() calls since they are not interdependent to that moment
but then l2cap_chan_create() adds the soon to be deallo

https://git.kernel.org/stable/c/245d48c1ba3e7a1779c2f4cbc6f581ddc8a78e22

https://git.kernel.org/stable/c/297ce7f544aa675b0d136d788cad0710cdfb0785

https://git.kernel.org/stable/c/49c0d55d59662430f1829ae85b969619573d0fa1

https://git.kernel.org/stable/c/5f397409f8ee5bc82901eeaf799e1cbc4f8edcf1

https://git.kernel.org/stable/c/691218a50c3139f7f57ffa79fb89d932eda9571e