摘要:
In the Linux kernel, the following vulnerability has been resolved:of: fdt: fix off-by-one error in unflatten_dt_nodes()Commit 78c44d910d3e ( drivers/of: Fix depth when unflattening devicetree )forgot to fix up the depth check in the loop body in unflatten_dt_nodes()which makes it possible to overflow the nps[] buffer...Found by Linux Verification Center (linuxtesting.org) with the SVACE staticanalysis tool.
安全等级: Low
公告ID: KylinSec-SA-2024-2604
发布日期: 2024年6月5日
关联CVE: CVE-2022-48672
In the Linux kernel, the following vulnerability has been resolved:of: fdt: fix off-by-one error in unflatten_dt_nodes()Commit 78c44d910d3e ( drivers/of: Fix depth when unflattening devicetree )forgot to fix up the depth check in the loop body in unflatten_dt_nodes()which makes it possible to overflow the nps[] buffer...Found by Linux Verification Center (linuxtesting.org) with the SVACE staticanalysis tool.
cve名称 | 产品 | 组件 | 是否受影响 |
---|