Updated: 2024-07-16 21:09:28.420987
Description:
In the Linux kernel, the following vulnerability has been resolved:

afs: Increase buffer size in afs_update_volume_status()

The max length of volume->vid value is 20 characters. So increase idbuf[] size up to 24 to avoid overflow.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

[DH: Actually, it's 20 + NUL, so increase it to 24 and use snprintf()]
Links | NIST | CIRCL | RHEL | Ubuntu |
CVSS version | Severity | Score |
---|---|---|
CVSS Version 2.x | NONE | 0 |
CVSS Version 3.x | MEDIUM | 4.7 |
OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
---|---|---|---|---|---|---|---|---|
Ubuntu 16.04 ELS | linux-hwe | 4.15.0 | 4.7 | MEDIUM | Released | CLSA-2024:1718951563 | 2024-06-21 05:19:59 | |
Ubuntu 16.04 ELS | linux | 4.4.0 | 4.7 | MEDIUM | Not Vulnerable | | 2024-07-07 03:02:50 | |
Ubuntu 18.04 ELS | linux | 4.15.0 | 4.7 | MEDIUM | Released | CLSA-2024:1718950178 | 2024-06-21 02:55:56 | |