asgardius/android_kernel_motorola_sm6225
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
android_kernel_motorola_sm6225/net/bluetooth
History
Luiz Augusto von Dentz 91f48261e7 Bluetooth: hci_event: Fix using memcmp when comparing keys 
[ Upstream commit b541260615f601ae1b5d6d0cc54e790de706303b ]

memcmp is not consider safe to use with cryptographic secrets:

 'Do  not  use memcmp() to compare security critical data, such as
 cryptographic secrets, because the required CPU time depends on the
 number of equal bytes.'

While usage of memcmp for ZERO_KEY may not be considered a security
critical data, it can lead to more usage of memcmp with pairing keys
which could introduce more security problems.

Fixes: 455c2ff0a5 ("Bluetooth: Fix BR/EDR out-of-band pairing with only initiator data")
Fixes: 33155c4aae52 ("Bluetooth: hci_event: Ignore NULL link key")
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2023-10-25 11:16:59 +02:00
..
bnep
cmtp Bluetooth: cmtp: fix possible panic when cmtp_init_sockets() fails 2022-01-27 09:04:16 +01:00
hidp Bluetooth: Fix race condition in hidp_session_thread 2023-04-20 12:04:39 +02:00
rfcomm Bluetooth: RFCOMM: don't call kfree_skb() under spin_lock_irqsave() 2023-01-18 11:30:20 +01:00
6lowpan.c Bluetooth: 6LoWPAN: add missing hci_dev_put() in get_l2cap_conn() 2022-12-14 11:28:28 +01:00
a2mp.c
a2mp.h
af_bluetooth.c Bluetooth: Fix not cleanup led when bt_init fails 2022-12-14 11:28:28 +01:00
amp.c Bluetooth: Fix null pointer dereference in amp_read_loc_assoc_final_data 2021-03-07 12:18:58 +01:00
amp.h
ecdh_helper.c
ecdh_helper.h Fix misc new gcc warnings 2021-05-22 10:59:21 +02:00
hci_conn.c Bluetooth: Avoid redundant authentication 2023-10-25 11:16:56 +02:00
hci_core.c Bluetooth: hci_core: Fix build warnings 2023-10-25 11:16:56 +02:00
hci_debugfs.c
hci_debugfs.h
hci_event.c Bluetooth: hci_event: Fix using memcmp when comparing keys 2023-10-25 11:16:59 +02:00
hci_request.c bluetooth: eliminate the potential race condition when removing the HCI controller 2021-05-22 10:59:24 +02:00
hci_request.h
hci_sock.c bluetooth: Add cmd validity checks at the start of hci_sock_ioctl() 2023-06-09 10:23:54 +02:00
hci_sysfs.c Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times 2022-10-26 13:19:37 +02:00
Kconfig
l2cap_core.c Bluetooth: L2CAP: Fix use-after-free 2023-08-30 16:31:43 +02:00
l2cap_sock.c Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb 2023-08-11 11:45:39 +02:00
leds.c
leds.h
lib.c
Makefile
mgmt.c Bluetooth: Fix the HCI to MGMT status conversion table 2021-07-20 16:16:02 +02:00
mgmt_util.c
mgmt_util.h
sco.c Bluetooth: SCO: Fix sco_send_frame returning skb->len 2022-07-29 17:10:36 +02:00
selftest.c
selftest.h
smp.c Bluetooth: SMP: Fail if remote and local public keys are identical 2021-05-26 11:48:36 +02:00
smp.h