6.10.0

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

linux

NVD

Published: 2024-08-08

Updated: 2024-09-06

Summary

In the Linux kernel, the following vulnerability has been resolved: ext4: use memtostr_pad() for s_volume_name As with the other strings in struct ext4_super_block, s_volume_name is not NUL terminated. The other strings were marked in commit 072ebb3bffe6 ("ext4: add nonstring annotations to ext4.h"). Using strscpy() isn't the right replacement for strncpy(); it should use memtostr_pad() instead.

Vulnerable Configurations

Part	Description	Count
OS	Linux Linux Linux Kernel 6.10 Linux Linux Kernel 6.10.0	11

References

https://git.kernel.org/stable/c/4378be89ddb7de88d984b67ecfd6191686c42817
https://git.kernel.org/stable/c/be27cd64461c45a6088a91a04eba5cd44e1767ef