In the Linux kernel, the following vulnerability has been resolved: Bluetooth: eir: Fix using strlen with hdev->{dev_name,short_name} Both dev_name and short_name are not guaranteed to be NULL terminated so this instead use strnlen and then attempt to determine if the resulting string needs to be truncated or not.
History

Sat, 09 Aug 2025 14:45:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: Bluetooth: eir: Fix using strlen with hdev->{dev_name,short_name} Both dev_name and short_name are not guaranteed to be NULL terminated so this instead use strnlen and then attempt to determine if the resulting string needs to be truncated or not.
Title Bluetooth: eir: Fix using strlen with hdev->{dev_name,short_name}
References

cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-08-09T14:30:51.639Z

Updated: 2025-08-09T14:30:51.639Z

Reserved: 2025-06-18T10:57:27.432Z

Link: CVE-2022-50233

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2025-08-09T15:15:27.723

Modified: 2025-08-09T15:15:27.723

Link: CVE-2022-50233

cve-icon Redhat

No data.