CVE-2019-11884 (NVD)

2019-05-10

The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\0' character.

Products Ubuntu_linux, Debian_linux, Fedora, Linux_kernel, Leap, Enterprise_linux, Enterprise_linux_eus, Enterprise_linux_for_real_time, Enterprise_linux_for_real_time_for_nfv_tus, Enterprise_linux_for_real_time_tus, Enterprise_linux_server_aus, Enterprise_linux_server_tus
Type ? (NVD-CWE-noinfo)
First patch - None (likely due to unavailable code)
Patches https://github.com/torvalds/linux/commit/a1616a5ac99ede5d605047a9012481ce7ff18b16
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a1616a5ac99ede5d605047a9012481ce7ff18b16
Links http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00071.html
https://usn.ubuntu.com/4118-1/
http://www.securityfocus.com/bid/108299
https://usn.ubuntu.com/4076-1/
https://access.redhat.com/errata/RHSA-2019:3309