CVE-2022-50233
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: eir: Fix using strlen with hdev->{dev_name,short_name}
Both dev_name and short_name are not guaranteed to be NULL terminated so this instead use strnlen and then attempt to determine if the resulting string needs to be truncated or not.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 4c3dbb2c312c9fafbac30d98c523b8b1f3455d78 < dd7b8cdde098cf9f7c8de409b5b7bbb98f97be80 | affected |
| Linux | Linux | 4.14 | affected |
| Linux | Linux | 0 < 4.14 | unaffected |
| Linux | Linux | 6.0 <= * | unaffected |
Weaknesses
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.