CVE-2022-49743
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
ovl: Use "buf" flexible array for memcpy() destination
The "buf" flexible array needs to be the memcpy() destination to avoid false positive run-time warning from the recent FORTIFY_SOURCE hardening:
memcpy: detected field-spanning write (size 93) of single field "&fh->fb" at fs/overlayfs/export.c:799 (size 21)
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | cbe7fba8edfc8cb8e621599e376f8ac5c224fa72 < 012cdef22000f3104e4fa8224ad29fde509b8caf | affected |
| Linux | Linux | cbe7fba8edfc8cb8e621599e376f8ac5c224fa72 < a77141a06367825d639ac51b04703d551163e36c | affected |
| Linux | Linux | cbe7fba8edfc8cb8e621599e376f8ac5c224fa72 < 07a96977b2f462337a9121302de64277b8747ab1 | affected |
| Linux | Linux | cbe7fba8edfc8cb8e621599e376f8ac5c224fa72 < cf8aa9bf97cadf85745506c6a3e244b22c268d63 | affected |
| Linux | Linux | 5.5 | affected |
| Linux | Linux | 0 < 5.5 | unaffected |
| Linux | Linux | 5.10.248 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.93 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.11 <= 6.1.* | unaffected |
| Linux | Linux | 6.2 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/012cdef22000f3104e4fa8224ad29fde509b8caf
- https://git.kernel.org/stable/c/a77141a06367825d639ac51b04703d551163e36c
- https://git.kernel.org/stable/c/07a96977b2f462337a9121302de64277b8747ab1
- https://git.kernel.org/stable/c/cf8aa9bf97cadf85745506c6a3e244b22c268d63
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.