Updated: 2024-10-25
CWE: CWE-129
Description:
In the Linux kernel, the following vulnerability has been resolved: NFC: nci: Bounds check struct nfc_target arrays While running under CONFIG_FORTIFY_SOURCE=y, syzkaller reported: memcpy: detected field-spanning write (size 129) of single field "target->sensf_res" at net/nfc/nci/ntf.c:260 (size 18) This appears to be a legitimate lack of bounds checking in nci_add_new_protocol(). Add the missing checks.
CVSS3: 7.1
OS | Vendor version | Errata |
---|---|---|
Ubuntu 18.04 | 4.15.0-206.217 | USN-5920-1 |
Ubuntu 18.04 AWS | 4.15.0-1151.164 | USN-5920-1 |
Ubuntu 18.04 HWE Focal | 5.4.0-144.161~18.04.1 | USN-5917-1 |
Ubuntu 20.04 | 5.4.0-144.161 | USN-5917-1 |
Ubuntu 18.04 AWS Focal | 5.4.0-1097.105~18.04.1 | USN-5917-1 |
Ubuntu 18.04 Azure Focal | 5.4.0-1104.110~18.04.1 | USN-5917-1 |
Ubuntu 20.04 AWS | 5.4.0-1097.105 | USN-5917-1 |
Ubuntu 16.04 HWE ESM | 4.15.0-206.217~16.04.1 | USN-5883-1 |
Ubuntu 16.04 GCP ESM | 4.15.0-1146.162~16.04.1 | USN-6007-1 |
Ubuntu 16.04 AWS HWE ESM | 4.15.0-1151.164~16.04.1 | USN-5919-1 |
Ubuntu 16.04 Azure ESM | 4.15.0-1162.177~16.04.1 | USN-5975-1 |
Debian 11 | 5.10.162-1 | DSA-5324-1 |
Ubuntu 22.04 | 5.15.0-67.74 | USN-5912-1 |
Ubuntu 22.04 AWS | 5.15.0-1031.35 | USN-5912-1 |
Ubuntu 22.04 Azure | 5.15.0-1034.41 | USN-5912-1 |
OS | Original kernel version | State |
---|---|---|
Ubuntu 18.04 | |
Planned |
Ubuntu 18.04 AWS | |
Planned |
Ubuntu 18.04 HWE Focal | |
Planned |
Ubuntu 20.04 | |
Planned |
Ubuntu 18.04 AWS Focal | |
Planned |
Ubuntu 18.04 Azure Focal | |
Planned |
Ubuntu 20.04 AWS | |
Planned |
Ubuntu 16.04 HWE ESM | |
Planned |
Ubuntu 16.04 GCP ESM | |
Planned |
Ubuntu 16.04 AWS HWE ESM | |
Planned |
Ubuntu 16.04 Azure ESM | |
Planned |
Debian 11 | |
Planned |
Ubuntu 22.04 | |
Planned |
Ubuntu 22.04 AWS | |
Planned |
Ubuntu 22.04 Azure | |
Planned |