panasalap / linux-4.19.72_wext-sme

Other
0 stars 0 forks source link

CVE-2023-52464 (High) detected in linux-yoctov5.4.51 #533

Open mend-bolt-for-github[bot] opened 8 months ago

mend-bolt-for-github[bot] commented 8 months ago

CVE-2023-52464 - High Severity Vulnerability

Vulnerable Library - linux-yoctov5.4.51

Yocto Linux Embedded kernel

Library home page: https://git.yoctoproject.org/git/linux-yocto

Found in HEAD commit: 662967c12efbaddc3a053fdcbe4461a3a774fd7f

Found in base branch: master

Vulnerable Source Files (2)

/drivers/edac/thunderx_edac.c /drivers/edac/thunderx_edac.c

Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved: EDAC/thunderx: Fix possible out-of-bounds string access Enabling -Wstringop-overflow globally exposes a warning for a common bug in the usage of strncat(): drivers/edac/thunderx_edac.c: In function 'thunderx_ocx_com_threaded_isr': drivers/edac/thunderx_edac.c:1136:17: error: 'strncat' specified bound 1024 equals destination size [-Werror=stringop-overflow=] 1136 | strncat(msg, other, OCX_MESSAGE_SIZE); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ... 1145 | strncat(msg, other, OCX_MESSAGE_SIZE); ... 1150 | strncat(msg, other, OCX_MESSAGE_SIZE); ... Apparently the author of this driver expected strncat() to behave the way that strlcat() does, which uses the size of the destination buffer as its third argument rather than the length of the source buffer. The result is that there is no check on the size of the allocated buffer. Change it to strlcat(). [ bp: Trim compiler output, fixup commit message. ]

Publish Date: 2024-02-23

URL: CVE-2023-52464

CVSS 3 Score Details (7.8)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Local - Attack Complexity: Low - Privileges Required: Low - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://www.linuxkernelcves.com/cves/CVE-2023-52464

Release Date: 2024-02-23

Fix Resolution: v4.19.306,v5.4.268,v5.10.209,v5.15.148,v6.1.75,v6.6.14,v6.7.2


Step up your Open Source Security Game with Mend here