kernel: sensitive information disclosure from kernel stack memory via HIDPCONNADD command

A flaw was found in the Linux kernel's implementation of the Bluetooth Human Interface Device Protocol HIDP. A local attacker with access permissions to the Bluetooth device can issue an IOCTL which will trigger the dohidpsockioctl function in net/bluetooth/hidp/sock.c.c. This function can leak...

CVE-2019-11884

The dohidpsockioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\0' character...

CVE-2019-11884

The CVE-2019-11884 entry affects the Linux kernel's HIDP path. It concerns the do_hidp_sock_ioctl in net/bluetooth/hidp/sock.c, where a HIDPCONNADD command can leak data from kernel stack memory due to a name field not properly ending with a NUL terminator. The vulnerability allows local attacker...

CVE-2019-11884

The dohidpsockioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\0' character...

CVE-2019-11884

The dohidpsockioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\0' character...