projects / linux-block.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 7af8479) | patch
Bluetooth: btusb: use skb_pull to avoid unsafe access in QCA dump handling
authorEn-Wei Wu <en-wei.wu@canonical.com>
Thu, 8 May 2025 14:15:20 +0000 (22:15 +0800)
committerLuiz Augusto von Dentz <luiz.von.dentz@intel.com>
Thu, 15 May 2025 17:12:54 +0000 (13:12 -0400)
commit4bcb0c7dc25446b99fc7a8fa2a143d69f3314162
tree92b5d12349d200f070b74f9a417b464dc9c4d0a4tree
parent7af8479d9eb4319b4ba7b47a8c4d2c55af1c31e1commit | diff
Bluetooth: btusb: use skb_pull to avoid unsafe access in QCA dump handling

Use skb_pull() and skb_pull_data() to safely parse QCA dump packets.

This avoids direct pointer math on skb->data, which could lead to
invalid access if the packet is shorter than expected.

Fixes: 20981ce2d5a5 ("Bluetooth: btusb: Add WCN6855 devcoredump support")
Signed-off-by: En-Wei Wu <en-wei.wu@canonical.com>
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
drivers/bluetooth/btusb.c diff | blob | blame | history
Linux 6.x block layer and io_uring tree(s)