Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
In the Linux kernel, the following vulnerability has been resolved:octeontx2-af: avoid off-by-one read from userspaceWe try to access count + 1 byte from userspace with memdup_user(buffer,count + 1). However, the userspace only provides buffer of count bytes andonly these count bytes are verified to be okay to access. To ensure thecopied buffer is NUL terminated, we use memdup_user_nul instead.
No PoCs from references.
- https://github.com/fkie-cad/nvd-json-data-feeds