[SRU][M/J][PATCH 0/1] CVE-2024-26736
Bethany Jamison
bethany.jamison at canonical.com
Thu Apr 18 17:08:22 UTC 2024
[Impact]
In the Linux kernel, the following vulnerability has been resolved:
afs: Increase buffer size in afs_update_volume_status()
The max length of volume->vid value is 20 characters.
So increase idbuf[] size up to 24 to avoid overflow.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
[DH: Actually, it's 20 + NUL, so increase it to 24 and use snprintf()]
[Fix]
Mantic: Clean cherry-pick from linux-6.6.y
Jammy: Mantic patch applied cleanly
Focal: pending
Bionic: fix sent to esm ML
Xenial: not-affected
Trusty: not-affected
[Test Case]
Compile and boot tested.
[Where problems could occur]
This fix affects those who use AFS (Andrew file system), an issue
with this fix would be visable to the user with unpredicted system
behavior or a system crash.
Daniil Dulov (1):
afs: Increase buffer size in afs_update_volume_status()
fs/afs/volume.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
--
2.34.1
More information about the kernel-team
mailing list