WSL2-Linux-Kernel/net/bluetooth
Ruihan Li 09411f1b86 bluetooth: Add cmd validity checks at the start of hci_sock_ioctl()
commit 000c2fa2c1 upstream.

Previously, channel open messages were always sent to monitors on the first
ioctl() call for unbound HCI sockets, even if the command and arguments
were completely invalid. This can leave an exploitable hole with the abuse
of invalid ioctl calls.

This commit hardens the ioctl processing logic by first checking if the
command is valid, and immediately returning with an ENOIOCTLCMD error code
if it is not. This ensures that ioctl calls with invalid commands are free
of side effects, and increases the difficulty of further exploitation by
forcing exploitation to find a way to pass a valid command first.

Signed-off-by: Ruihan Li <lrh2000@pku.edu.cn>
Co-developed-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Signed-off-by: Dragos-Marian Panait <dragos.panait@windriver.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2023-06-05 09:21:24 +02:00
bnep
cmtp
hidp Bluetooth: Fix race condition in hidp_session_thread 2023-04-20 12:13:52 +02:00
rfcomm Bluetooth: Fix possible deadlock in rfcomm_sk_state_change 2023-02-01 08:27:11 +01:00
6lowpan.c Bluetooth: 6LoWPAN: add missing hci_dev_put() in get_l2cap_conn() 2022-12-14 11:37:24 +01:00
Kconfig
Makefile
a2mp.c
a2mp.h
af_bluetooth.c Bluetooth: Fix not cleanup led when bt_init fails 2022-12-14 11:37:24 +01:00
amp.c
amp.h
aosp.c
aosp.h
ecdh_helper.c
ecdh_helper.h
hci_conn.c
hci_core.c Bluetooth: hci_sync: cancel cmd_timer if hci_open failed 2023-02-01 08:27:22 +01:00
hci_debugfs.c
hci_debugfs.h
hci_event.c Bluetooth: fix null ptr deref on hci_sync_conn_complete_evt 2023-02-06 07:59:01 +01:00
hci_request.c
hci_request.h
hci_sock.c bluetooth: Add cmd validity checks at the start of hci_sock_ioctl() 2023-06-05 09:21:24 +02:00
hci_sysfs.c Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times 2022-10-26 12:35:36 +02:00
l2cap_core.c Bluetooth: L2CAP: fix "bad unlock balance" in l2cap_disconnect_rsp 2023-05-24 17:36:46 +01:00
l2cap_sock.c Bluetooth: L2CAP: Fix potential user-after-free 2023-03-10 09:39:15 +01:00
leds.c
leds.h
lib.c
mgmt.c Bluetooth: MGMT: Fix error report for ADD_EXT_ADV_PARAMS 2022-12-31 13:14:20 +01:00
mgmt_config.c
mgmt_config.h
mgmt_util.c
mgmt_util.h
msft.c
msft.h
sco.c Bluetooth: SCO: Fix sco_send_frame returning skb->len 2022-07-29 17:25:30 +02:00
selftest.c
selftest.h
smp.c
smp.h