A flaw was found in the kernel's implementation of the Bluetooth HIDP (Human Interface Device Protocol). A local attacker with access permissions to the Bluetooth device can issue an IOCTL which will trigger the do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c. This function can leak potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not be correctly NULL-terminated.
Created kernel tracking bugs for this issue:
Affects: fedora-all [bug 1709838]
This flaw is rated as Moderate as it requires the local attacker to have permissions to the Bluetooth devices and also is an infoleak with no privilege escalation known at this time.
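The bug class described above, as an added userspace model (not kernel code and not taken from this report): a fixed-size name field is copied from a caller-supplied request and later treated as a C string. The struct, the function names and the 128-byte size are assumptions made for the example; the hardened copy forces a terminator inside the field before anything reads it as a string.

```c
#include <stdio.h>
#include <string.h>

#define NAME_LEN 128              /* constructed size for this model */

struct conn_req {                 /* hypothetical stand-in for the ioctl request */
    unsigned int flags;
    char name[NAME_LEN];          /* caller-controlled, later used as a C string */
};

/* Build a constructed request whose name fills the field with no terminator. */
void make_unterminated_request(struct conn_req *r) {
    r->flags = 0;
    memset(r->name, 'A', sizeof(r->name));
}

/* Unchecked pattern: raw byte copy (models copy_from_user), name trusted as-is. */
void copy_request(struct conn_req *dst, const struct conn_req *src) {
    memcpy(dst, src, sizeof(*dst));
}

/* Hardened pattern: same copy, then force a terminator inside the field. */
void copy_request_hardened(struct conn_req *dst, const struct conn_req *src) {
    memcpy(dst, src, sizeof(*dst));
    dst->name[sizeof(dst->name) - 1] = '\0';
}

/* 1 if a terminator exists inside the field, so string functions stay in bounds. */
int name_is_terminated(const struct conn_req *r) {
    return memchr(r->name, '\0', sizeof(r->name)) != NULL;
}

/* Length a bounded consumer sees; never reads past the field. */
size_t bounded_name_len(const struct conn_req *r) {
    const char *nul = memchr(r->name, '\0', sizeof(r->name));
    return nul ? (size_t)(nul - r->name) : sizeof(r->name);
}

int main(void) {
    struct conn_req in, out;
    make_unterminated_request(&in);
    copy_request(&out, &in);
    printf("unchecked: terminated=%d\n", name_is_terminated(&out));
    copy_request_hardened(&out, &in);
    printf("hardened:  terminated=%d len=%zu\n",
           name_is_terminated(&out), bounded_name_len(&out));
    return 0;
}
```

With the unchecked copy, any later unbounded string read of `name` continues into whatever follows the field in memory, which is the stack disclosure the report describes.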