alex/esp-idf
alex/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2024-10-05 20:47:46 -04:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity
9f9013c8c3
esp-idf/components/bt/host/bluedroid
History
Chinmay Chhajed 235628355f Bluedroid: Fixes for some vulnerabilities. 
This commit fixes 'Impersonation in Passkey entry protocol'
(CVE-2020-26558) and suggests fixes for other vulnerabilites like
'Impersonation in the Pin Pairing Protocol' (CVE-2020-26555) and
'Authentication of the LE Legacy Pairing Protocol'

CVE-2020-26558 can be easily implemented if the peer device can
impersonate our public key. This commit adds a check by comparing our
and received public key and returns failed pairing if keys are same.

This commit also adds comments suggesting to use secure connection when
supported by all devices.
2020-12-25 16:01:11 +05:30
..
api Bluedroid: Fixes for some vulnerabilities. 2020-12-25 16:01:11 +05:30
bta Merge branch 'bugfix/blufi_config_potential_double_free_v4.2' into 'release/v4.2' 2020-12-09 22:26:19 +08:00
btc Merge branch 'bugfix/blufi_config_potential_double_free_v4.2' into 'release/v4.2' 2020-12-09 22:26:19 +08:00
common/include/common Merge branch 'bugfix/blufi_config_potential_double_free_v4.2' into 'release/v4.2' 2020-12-09 22:26:19 +08:00
device tools: Mass fixing of empty prototypes (for -Wstrict-prototypes) 2019-08-01 16:28:56 +07:00
external/sbc components/bt: Fix linking fail with toolchain 8.2.0 2019-08-16 09:54:18 +00:00
hci add congest direct callback and fix malloc failed when multi_connection notify performance test 2020-05-15 15:35:39 +08:00
main tools: Mass fixing of empty prototypes (for -Wstrict-prototypes) 2019-08-01 16:28:56 +07:00
stack Bluedroid: Fixes for some vulnerabilities. 2020-12-25 16:01:11 +05:30
Kconfig.in component/bt: Add a macro to control the compilation of blufi. 2020-11-24 10:44:57 +08:00