Bug 914298 - (CVE-2013-0349) CVE-2013-0349 kernel: bluetooth HIDP implementation information disclosure
CVE-2013-0349 kernel: bluetooth HIDP implementation information disclosure
Status: CLOSED ERRATA
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
low Severity low
: ---
: ---
Assigned To: Red Hat Product Security
impact=low,public=20130109,reported=2...
: Security
Depends On: 914690 914691 914693
Blocks: 905769
  Show dependency treegraph
 
Reported: 2013-02-22 04:58 EST by Prasad J Pandit
Modified: 2015-07-31 02:58 EDT (History)
28 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2013-04-23 16:51:02 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Prasad J Pandit 2013-02-22 04:58:35 EST
Linux kernel built with Bluetooth stack and HIDP support HCONFIG_BT=y/m
& CONFIG_BT_HIDP=y/m is vulnerable to an information disclosure flaw caused
by wrongly initialising the hid_device->name, physical location and unique
identifier variables. Information leakage happens if these variables are not
NULL('\0') terminated.

A privileged(CAP_NET_ADMIN) user/program could cause this via ioctl(HIDPCONNADD) call.

Upstream fix:
 -> https://git.kernel.org/linus/0a9ab9bdb3e891762553f667066190c1d22ad62b
Comment 1 Prasad J Pandit 2013-02-22 08:08:44 EST
Statement:

This issue did affect the version of Linux kernel as shipped with Red Hat Enterprise Linux 6.

This issue did not affect the version of Linux kernel as shipped with Red Hat Enterprise Linux 5 and Red Hat Enterprise MRG 2.
Comment 2 Josh Boyer 2013-02-22 08:58:30 EST
This was fixed in the upstream 3.7.6 stable kernel with commit e18ef0a55a00817e7ce7be8b3e0e725a2caaf1f2.  All supported Fedora versions are on 3.7.8 or newer, so the issue is already resolved in Fedora.
Comment 4 Prasad J Pandit 2013-02-22 09:25:24 EST
Created kernel tracking bugs for this issue

Affects: fedora-all [bug 914693]
Comment 10 errata-xmlrpc 2013-04-23 14:26:32 EDT
This issue has been addressed in following products:

  Red Hat Enterprise Linux 6

Via RHSA-2013:0744 https://rhn.redhat.com/errata/RHSA-2013-0744.html

Note You need to log in before you can comment on or make changes to this bug.