Critical Vulnerability Information Vulnerability Type: Use after free Affected Component: activity in Fluoride Bluetooth stack Issue Description: In the or functions, the buffer length is recorded. In certain cases, an intermediate call may free the buffer, leading to access of the buffer after it has been freed. Fix: Use logs sourced from the buffer origin instead of the buffer that has not yet been freed at this point. Related Files and Tests Related Files: - - - - - - - - - - Tests: - : Test cases added to verify the fix Additional Information Commit ID: c81220f499edcbff9a7cfd00beeaeball84245 Author: Brian DeWolf Commit Time: Fri Oct 31 16:55:55 2014 +0000