kernel: Bluetooth: HCI: Fix global-out-of-bounds

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: HCI: Fix global-out-of-bounds To loop a variable-length array, hciinitstagesyncstage considers that stagei is valid as long as stagei-1.func is valid. Thus, the last element of stage.func should be intentionally invali...

SUSE CVE-2023-28866

In the Linux kernel through 6.2.8, net/bluetooth/hcisync.c allows out-of-bounds access because ampinit1 and ampinit2 are supposed to have an intentionally invalid element, but do not...