CVE-2024-26889

Bluetooth: hci_core: Fix possible buffer overflow

References

https://cve.org/CVERecord/?id=CVE-2024-26889

Notes

 carnil> Introduced in dcda165706b9 ("Bluetooth: hci_core: Fix build warnings").
 carnil> Vulnerable versions: 4.14.328 4.19.297 5.4.259 5.10.199 5.15.137 6.1.60 6.5.9
 carnil> 6.6-rc5.

Bugs

Status

Branch	Status
4.19-buster-security	needed
4.19-upstream-stable	released (4.19.311) [6d5a9d4a7bcbb7534ce45a18a52e7bd23e69d8ac]
5.10-bullseye-security	released (5.10.216-1)
5.10-upstream-stable	released (5.10.214) [d47e6c1932cee02954ea588c9f09fd5ecefeadfc]
6.1-bookworm-security	released (6.1.85-1)
6.1-upstream-stable	released (6.1.83) [68644bf5ec6baaff40fc39b3529c874bfda709bd]
6.6-upstream-stable	released (6.6.23) [a41c8efe659caed0e21422876bbb6b73c15b5244]
6.8-upstream-stable	released (6.8.2) [2edce8e9a99dd5e4404259d52e754fdc97fb42c2]
sid	released (6.7.12-1)
upstream	released (6.9-rc1) [81137162bfaa7278785b24c1fd2e9e74f082e8e4]