CVE-2022-48967 NFC: nci: Bounds check struct nfc_target arrays

In the Linux kernel, the following vulnerability has been resolved: NFC: nci: Bounds check struct nfctarget arrays While running under CONFIGFORTIFYSOURCE=y, syzkaller reported: memcpy: detected field-spanning write size 129 of single field "target-sensfres" at net/nfc/nci/ntf.c:260 size 18 This...

CVE-2022-48967

CVE-2022-48967 affects the Linux kernel NFC subsystem (NCI) and stems from a missing bounds check in nci_add_new_protocol, allowing a potential field-spanning write to target->sensf_res under Fortify and triggering an out-of-bounds write. The issue is concrete: a bounds error in net/nfc/nci/nt...