7.8

CVE-2022-49058

cifs: potential buffer overflow in handling symlinks

In the Linux kernel, the following vulnerability has been resolved:

cifs: potential buffer overflow in handling symlinks

Smatch printed a warning:
	arch/x86/crypto/poly1305_glue.c:198 poly1305_update_arch() error:
	__memcpy() 'dctx->buf' too small (16 vs u32max)

It's caused because Smatch marks 'link_len' as untrusted since it comes
from sscanf(). Add a check to ensure that 'link_len' is not larger than
the size of the 'link_str' buffer.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 2.6.37 < 4.9.311
LinuxLinux Kernel Version >= 4.10 < 4.14.276
LinuxLinux Kernel Version >= 4.15 < 4.19.239
LinuxLinux Kernel Version >= 4.20 < 5.4.190
LinuxLinux Kernel Version >= 5.5 < 5.10.112
LinuxLinux Kernel Version >= 5.11 < 5.15.35
LinuxLinux Kernel Version >= 5.16 < 5.17.4
LinuxLinux Kernel Version5.18 Updaterc1
LinuxLinux Kernel Version5.18 Updaterc2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.31% 0.231
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.

https://git.kernel.org/stable/c/1316c28569a80ab3596eeab05bf5e01991e7e739
Patch
https://git.kernel.org/stable/c/22d658c6c5affed10c8907e67160cef0b6c92186
Patch
https://git.kernel.org/stable/c/3e582749e742e662a8e9bb37cffac62dccaaa1e2
Patch
https://git.kernel.org/stable/c/4e166a41180be2f1e66bbb6d46448e80a9a5ec05
Patch
https://git.kernel.org/stable/c/515e7ba11ef043d6febe69389949c8ef5f25e9d0
Patch
https://git.kernel.org/stable/c/64c4a37ac04eeb43c42d272f6e6c8c12bfcf4304
Patch
https://git.kernel.org/stable/c/9901b07ba42b39266b34a888e48d7306fd707bee
Patch
https://git.kernel.org/stable/c/eb5f51756944735ac70cd8bb38637cc202e29c91
Patch