摘要:
In the Linux kernel, the following vulnerability has been resolved:
objtool, nvmet: Fix out-of-bounds stack access in nvmet_ctrl_state_show()
The csts_state_names[] array only has six sparse entries, but the
iteration code in nvmet_ctrl_state_show() iterates seven, resulting in a
potential out-of-bounds stack read. Fix that.
Fixes the following warning with an UBSAN kernel:
vmlinux.o: warning: objtool: .text.nvmet_ctrl_state_show: unexpected end of section
安全等级: Low
公告ID: KylinSec-SA-2025-2419
发布日期: 2025年5月30日
关联CVE: CVE-2025-39778
在 Linux 内核中,以下漏洞已修复:
objtool, nvmet:修复 nvmet_ctrl_state_show() 中的越界栈访问
原代码中 csts_state_names[] 数组仅有 6 个稀疏条目,但 nvmet_ctrl_state_show() 函数的迭代代码循环了 7 次,导致潜在的越界栈读取。此修复通过限制循环次数解决该问题。
| cve名称 | 产品 | 组件 | 是否受影响 |
|---|---|---|---|
| CVE-2025-39778 | KY3.4-5A | kernel | Unaffected |
| CVE-2025-39778 | V6 | kernel | Unaffected |
