Description
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix missing key size check for L2CAP_LE_CONN_REQ This adds a check for encryption key size upon receiving L2CAP_LE_CONN_REQ which is required by L2CAP/LE/CFC/BV-15-C which expects L2CAP_CR_LE_BAD_KEY_SIZE.
Product status
27e2d4c8d28be1d1b4ecfbffab572d7dbd35254d (git) before 335071c0c3637064ec250481f589075db44fe4e6
27e2d4c8d28be1d1b4ecfbffab572d7dbd35254d (git) before fa6ad76fa8623c0a50d529cd5726fa5d819a3be4
27e2d4c8d28be1d1b4ecfbffab572d7dbd35254d (git) before 9118601ff90b79e8df3c0c98f48ae00c1b02ecef
27e2d4c8d28be1d1b4ecfbffab572d7dbd35254d (git) before 481ea39b342c347b6ac029f3d418486280be4e45
27e2d4c8d28be1d1b4ecfbffab572d7dbd35254d (git) before ec91078e132179b04e0c3906b599816c056ceaad
27e2d4c8d28be1d1b4ecfbffab572d7dbd35254d (git) before 96581749c7c14fbec32c35728520867929600041
27e2d4c8d28be1d1b4ecfbffab572d7dbd35254d (git) before 8dd43f9a9323f9c01bc8246da8d81a4c783c9e97
27e2d4c8d28be1d1b4ecfbffab572d7dbd35254d (git) before 138d7eca445ef37a0333425d269ee59900ca1104
3.14
Any version before 3.14
5.10.252 (semver)
5.15.202 (semver)
6.1.165 (semver)
6.6.128 (semver)
6.12.75 (semver)
6.18.16 (semver)
6.19.6 (semver)
7.0 (original_commit_for_fix)
References
git.kernel.org/...c/335071c0c3637064ec250481f589075db44fe4e6
git.kernel.org/...c/fa6ad76fa8623c0a50d529cd5726fa5d819a3be4
git.kernel.org/...c/9118601ff90b79e8df3c0c98f48ae00c1b02ecef
git.kernel.org/...c/481ea39b342c347b6ac029f3d418486280be4e45
git.kernel.org/...c/ec91078e132179b04e0c3906b599816c056ceaad
git.kernel.org/...c/96581749c7c14fbec32c35728520867929600041
git.kernel.org/...c/8dd43f9a9323f9c01bc8246da8d81a4c783c9e97
git.kernel.org/...c/138d7eca445ef37a0333425d269ee59900ca1104