In the Linux kernel, the following vulnerability has been resolved:
tools/rtla: Fix clang warning about mount_point var size clang is reporting
this warning: $ make HOSTCC=clang CC=clang LLVM_IAS=1 […] clang -O -g
-DVERSION="6.8.0-rc3" -flto=auto -fexceptions -fstack-protector-strong
-fasynchronous-unwind-tables -fstack-clash-protection -Wall
-Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS
$(pkg-config --cflags libtracefs) -c -o src/utils.o src/utils.c
src/utils.c:548:66: warning: ‘fscanf’ may overflow; destination buffer in
argument 3 has size 1024, but the corresponding specifier may require size
1025 [-Wfortify-source] 548 | while (fscanf(fp, “%*s %” STR(MAX_PATH) “s
%99s %*s %*d %*d\n”, mount_point, type) == 2) { | ^ Increase mount_point
variable size to MAX_PATH+1 to avoid the overflow.
Author | Note |
---|---|
Priority reason: Vulnerability is in a userspace tool used for tracing real-time events in the kernel. | |
sbeattie | The rtla tool is not included in the Ubuntu linux-tools packages. |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 23.10 | noarch | linux | < any | UNKNOWN |
ubuntu | 23.10 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-aws-6.5 | < any | UNKNOWN |
ubuntu | 23.10 | noarch | linux-azure | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-azure-6.5 | < any | UNKNOWN |
ubuntu | 23.10 | noarch | linux-gcp | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-gcp-6.5 | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-hwe-6.5 | < any | UNKNOWN |
ubuntu | 23.10 | noarch | linux-laptop | < any | UNKNOWN |
ubuntu | 23.10 | noarch | linux-lowlatency | < any | UNKNOWN |
git.kernel.org/linus/30369084ac6e27479a347899e74f523e6ca29b89 (6.8-rc5)
git.kernel.org/stable/c/30369084ac6e27479a347899e74f523e6ca29b89
git.kernel.org/stable/c/6bdd43f62ab3bb5a306af7f0ab857af45777f5a8
git.kernel.org/stable/c/8a585914c266dc044f53b5c83c170f79b45fcf9a
launchpad.net/bugs/cve/CVE-2024-26818
nvd.nist.gov/vuln/detail/CVE-2024-26818
security-tracker.debian.org/tracker/CVE-2024-26818
www.cve.org/CVERecord?id=CVE-2024-26818