Bug 1139868 - (CVE-2019-12983) VUL-1: CVE-2019-12983: kernel-source: function do_hidp_sock_ioctl does not ensure that certain device field ends with a '\0'
VUL-1: CVE-2019-12983: kernel-source: function do_hidp_sock_ioctl does not en...
Status: RESOLVED DUPLICATE of bug 1134848
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
Other Other
: P4 - Low : Minor
: ---
Assigned To: Oliver Neukum
Security Team bot
Depends on: CVE-2019-11884
  Show dependency treegraph
Reported: 2019-07-01 08:48 UTC by Alexander Bergmann
Modified: 2020-06-25 08:03 UTC (History)
3 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Alexander Bergmann 2019-07-01 08:48:21 UTC

In the Linux kernel before 5.0.15, the function do_hidp_sock_ioctl in
net/bluetooth/hidp/sock.c does not ensure that a certain device field ends with
a '\0' character, which allows local users to obtain potentially sensitive
information from kernel stack memory, or cause a denial of service, which is
similar to CVE-2011-1079. The user would use an HIDPCONNADD command.

Comment 2 Oliver Neukum 2019-07-01 12:36:09 UTC
Takashi pushed this patch in in May.
Comment 3 Marcus Meissner 2019-07-01 16:03:13 UTC
can you add the CVE / bug to the references, then reassign back to us.
Comment 4 Oliver Neukum 2019-07-02 09:02:53 UTC
According to MITRE this CVE is spurious due to being a duplicate.

Our fix has long since been pushed as bsc#1134848
What is to be done?
Comment 5 Marcus Meissner 2019-08-14 11:11:35 UTC
mark as dup of bug 1134848

*** This bug has been marked as a duplicate of bug 1134848 ***