CVE-2024-54456 NFS: Fix potential buffer overflowin nfs_sysfs_link_rpc_client()

In the Linux kernel, the following vulnerability has been resolved: NFS: Fix potential buffer overflowin nfssysfslinkrpcclient name is char64 where the size of clnt-clprogram-name remains unknown. Invoking strcat directly will also lead to potential buffer overflow. Change them to strscpy and...

CVE-2024-54456

CVE-2024-54456 : Linux kernel NFS path vulnerability in nfs_sysfs_link_rpc_client() leading to potential buffer overflow due to strcat on cl_program->name; fix replaces with strscpy() and strncat() (kernel-side patch). Affected: Linux kernel NFS subsystem; root cause: unbounded name field size...

CVE-2024-54456 NFS: Fix potential buffer overflowin nfs_sysfs_link_rpc_client()

In the Linux kernel, the following vulnerability has been resolved: NFS: Fix potential buffer overflowin nfssysfslinkrpcclient name is char64 where the size of clnt-clprogram-name remains unknown. Invoking strcat directly will also lead to potential buffer overflow. Change them to strscpy and...

CVE-2022-49401

In the Linux kernel, the following vulnerability has been resolved: mm/pageowner: use strscpy instead of strlcpy current-comm is not a string no guarantee for a zero byte in it. strlcpys1, s2, l is calling strlens2, potentially causing out-of-bound access, as reported by syzbot: detected buffer...

DEBIAN-CVE-2022-49401

In the Linux kernel, the following vulnerability has been resolved: mm/pageowner: use strscpy instead of strlcpy current-comm is not a string no guarantee for a zero byte in it. strlcpys1, s2, l is calling strlens2, potentially causing out-of-bound access, as reported by syzbot: detected buffer...

UBUNTU-CVE-2022-49401

In the Linux kernel, the following vulnerability has been resolved: mm/pageowner: use strscpy instead of strlcpy current-comm is not a string no guarantee for a zero byte in it. strlcpys1, s2, l is calling strlens2, potentially causing out-of-bound access, as reported by syzbot: detected buffer...

CVE-2021-47642

In the Linux kernel, the following vulnerability has been resolved: video: fbdev: nvidiafb: Use strscpy to prevent buffer overflow Coverity complains of a possible buffer overflow. However, given the 'static' scope of nvidiasetupi2cbus it looks like that can't happen after examiniing the call...

CVE-2021-47642

In the Linux kernel, the following vulnerability has been resolved: video: fbdev: nvidiafb: Use strscpy to prevent buffer overflow Coverity complains of a possible buffer overflow. However, given the 'static' scope of nvidiasetupi2cbus it looks like that can't happen after examiniing the call...

UBUNTU-CVE-2021-47642

In the Linux kernel, the following vulnerability has been resolved: video: fbdev: nvidiafb: Use strscpy to prevent buffer overflow Coverity complains of a possible buffer overflow. However, given the 'static' scope of nvidiasetupi2cbus it looks like that can't happen after examiniing the call...

CVE-2022-49401

In the Linux kernel, the following vulnerability has been resolved: mm/pageowner: use strscpy instead of strlcpy current-comm is not a string no guarantee for a zero byte in it. strlcpys1, s2, l is calling strlens2, potentially causing out-of-bound access, as reported by syzbot: detected buffer...

CVE-2022-49401 mm/page_owner: use strscpy() instead of strlcpy()

In the Linux kernel, the following vulnerability has been resolved: mm/pageowner: use strscpy instead of strlcpy current-comm is not a string no guarantee for a zero byte in it. strlcpys1, s2, l is calling strlens2, potentially causing out-of-bound access, as reported by syzbot: detected buffer...

CVE-2022-49401 mm/page_owner: use strscpy() instead of strlcpy()

In the Linux kernel, the following vulnerability has been resolved: mm/pageowner: use strscpy instead of strlcpy current-comm is not a string no guarantee for a zero byte in it. strlcpys1, s2, l is calling strlens2, potentially causing out-of-bound access, as reported by syzbot: detected buffer...

CVE-2022-49401

CVE-2022-49401 pertains to the Linux kernel, where a fault in mm/page_owner handling was fixed: current->comm[] is not guaranteed to be a proper string, and using strlcpy(s1, s2, l) may call strlen(s2) and trigger out-of-bounds access. The fix replaces strlcpy with strscpy() in mm/page_owner.c...

CVE-2021-47642

CVE-2021-47642: in the Linux kernel’s video fbdev/nvidiafb path, a fixed-size buffer overrun could occur by copying a channel name with strcpy into chan->adapter.name. The defect arises from copying into a 48-char buffer without length checks; fix is to use strscpy() to prevent overflows. The ...

CVE-2021-47642

In the Linux kernel, the following vulnerability has been resolved: video: fbdev: nvidiafb: Use strscpy to prevent buffer overflow Coverity complains of a possible buffer overflow. However, given the 'static' scope of nvidiasetupi2cbus it looks like that can't happen after examiniing the call...

CVE-2021-47642 video: fbdev: nvidiafb: Use strscpy() to prevent buffer overflow

In the Linux kernel, the following vulnerability has been resolved: video: fbdev: nvidiafb: Use strscpy to prevent buffer overflow Coverity complains of a possible buffer overflow. However, given the 'static' scope of nvidiasetupi2cbus it looks like that can't happen after examiniing the call...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the use of strlcpy instead of strscpy by mm/pageowner...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mm/pageowner: use strscpy instead of strlcpy current-comm is not a string no guarantee for a zero byte in it. strlcpys1, s2, l is calling strlens2, potentially causing out-of-bound access, as reported by syzbot: detected buffer...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from the return value of dpath not being handled incorrectly in the getcanonicaldevpath function, resulting in a...

PT-2025-8819

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A potential buffer overflow issue has been identified in the Linux kernel, specifically in the nfs sysfs link rpc client function. The issue arises from the use of strcat with a char arr...