kernel: i2c: out-of-bounds write in xgene_slimpro_i2c_xfer()
An out-of-bounds write vulnerability was found in the Linux kernel's SLIMpro I2C device driver. The userspace "data-block0" variable was not limited to a number between 0-255 and was used as the size of a memcpy, possibly writing beyond the end of dmabuffer. This issue could allow a local...