Home

Description

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: eir: Fix using strlen with hdev->{dev_name,short_name} Both dev_name and short_name are not guaranteed to be NULL terminated so this instead use strnlen and then attempt to determine if the resulting string needs to be truncated or not.

PUBLISHED Reserved 2025-06-18 | Published 2025-08-09 | Updated 2026-05-11 | Assigner Linux

Product status

Default status
unaffected

4c3dbb2c312c9fafbac30d98c523b8b1f3455d78 (git) before dd7b8cdde098cf9f7c8de409b5b7bbb98f97be80
affected

Default status
affected

4.14
affected

Any version before 4.14
unaffected

6.0 (original_commit_for_fix)
unaffected

References

git.kernel.org/...c/dd7b8cdde098cf9f7c8de409b5b7bbb98f97be80

cve.org (CVE-2022-50233)

nvd.nist.gov (CVE-2022-50233)

Download JSON