ASA-2019-00013 – Linux: Heap address information leak while using L2CAP_PARSE_CONF_RSP

A flaw was found in the Linux kernels implementation of Logical link control and adaptation protocol (L2CAP), part of the bluetooth stack in the l2cap_parse_conf_rsp, l2cap_parse_conf_req functions. An attacker with physical access within the range of standard bluetooth transmission can create a specially crafted packet. The response to this specially crafted packet can contain part of the kernel stack which can be used in a further attack.