Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
In the Linux kernel, the following vulnerability has been resolved:ext4: use memtostr_pad() for s_volume_nameAs with the other strings in struct ext4_super_block, s_volume_name isnot NUL terminated. The other strings were marked in commit 072ebb3bffe6("ext4: add nonstring annotations to ext4.h"). Using strscpy() isn'tthe right replacement for strncpy(); it should use memtostr_pad()instead.
No PoCs from references.
- https://github.com/fkie-cad/nvd-json-data-feeds