6 matches found
Linux Distros Unpatched Vulnerability : CVE-2022-49401
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/pageowner: use strscpy instead of strlcpy current-comm is not a string no guarantee for a zero byte in it. strlcpys1, s2, l is calling strlens2, potentially...
CVE-2022-49401
In the Linux kernel, the following vulnerability has been resolved: mm/pageowner: use strscpy instead of strlcpy current-comm is not a string no guarantee for a zero byte in it. strlcpys1, s2, l is calling strlens2, potentially causing out-of-bound access, as reported by syzbot: detected buffer...
CVE-2022-49401
In the Linux kernel, the following vulnerability has been resolved: mm/pageowner: use strscpy instead of strlcpy current-comm is not a string no guarantee for a zero byte in it. strlcpys1, s2, l is calling strlens2, potentially causing out-of-bound access, as reported by syzbot: detected buffer...
CVE-2022-49401
CVE-2022-49401 pertains to the Linux kernel, where a fault in mm/page_owner handling was fixed: current->comm[] is not guaranteed to be a proper string, and using strlcpy(s1, s2, l) may call strlen(s2) and trigger out-of-bounds access. The fix replaces strlcpy with strscpy() in mm/page_owner.c...
CVE-2022-49401 mm/page_owner: use strscpy() instead of strlcpy()
In the Linux kernel, the following vulnerability has been resolved: mm/pageowner: use strscpy instead of strlcpy current-comm is not a string no guarantee for a zero byte in it. strlcpys1, s2, l is calling strlens2, potentially causing out-of-bound access, as reported by syzbot: detected buffer...
CVE-2022-49401
In the Linux kernel, the following vulnerability has been resolved: mm/pageowner: use strscpy instead of strlcpy current-comm is not a string no guarantee for a zero byte in it. strlcpys1, s2, l is calling strlens2, potentially causing out-of-bound access, as reported by syzbot: detected buffer...