Re: maybe similar bug exists for HCI_EV_INQUIRY_RESULT* like [Linux-kernel-mentees] [PATCH v2] net/bluetooth: slab-out-of-bounds read in hci_extended_inquiry_result_evt()
From: Peilin Ye <hidden>
Date: 2021-07-01 21:06:54
Also in:
linux-kernel-mentees, lkml, netdev
On Thu, Jul 01, 2021 at 06:39:36PM +0300, Alexander Larkin wrote:
For the net/bluetooth/hci_event.c , maybe similar bug could be inside hci_inquiry_result_with_rssi_evt() that is HCI_EV_INQUIRY_RESULT_WITH_RSSI and inside hci_inquiry_result_evt() that is HCI_EV_INQUIRY_RESULT.
Hi Alexander,
Thanks for looking into this, I believe they were handled in commit
629b49c848ee ("Bluetooth: Prevent out-of-bounds read in
hci_inquiry_result_with_rssi_evt()") and commit 75bbd2ea50ba ("Bluetooth:
Prevent out-of-bounds read in hci_inquiry_result_evt()").
Thanks,
Peilin Ye