From $URL :
A vulnerability has been reported in Linux Kernel, which can be exploited by malicious, local users
to gain knowledge of potentially sensitive information.
The vulnerability is caused due to an error in the HIDP Bluetooth implementation within the
"hidp_setup_hid()" function (net/bluetooth/hidp/core.c) as the HID device name, physical location,
and unique identifier variables may not be properly NULL terminated when handling long strings.
This can be exploited to disclose memory content via a specially crafted program executing a
Successful exploitation requires that the kernel is built with Bluetooth stack and HIDP support.
The vulnerability is reported in versions prior to 3.7.6, 3.4.29, 3.2.38, and 3.0.62
Update to version 3.7.6, 3.4.29, 3.2.38, or 3.0.62
Provided and/or discovered by
There are no longer any 2.x or <3.7.6 kernels available in the repository with the exception of sys-kernel/xbox-sources which is unsupported by security.