References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Known Affected Software Configurations Switch to CPE 2.2

Change History

NIST AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

NIST NVD-CWE-Other

OR
     *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.10 up to (excluding) 6.10.1

https://git.kernel.org/stable/c/4378be89ddb7de88d984b67ecfd6191686c42817 No Types Assigned

https://git.kernel.org/stable/c/4378be89ddb7de88d984b67ecfd6191686c42817 Patch

https://git.kernel.org/stable/c/be27cd64461c45a6088a91a04eba5cd44e1767ef No Types Assigned

https://git.kernel.org/stable/c/be27cd64461c45a6088a91a04eba5cd44e1767ef Patch

In the Linux kernel, the following vulnerability has been resolved:

ext4: use memtostr_pad() for s_volume_name

As with the other strings in struct ext4_super_block, s_volume_name is
not NUL terminated. The other strings were marked in commit 072ebb3bffe6
("ext4: add nonstring annotations to ext4.h"). Using strscpy() isn't
the right replacement for strncpy(); it should use memtostr_pad()
instead.

kernel.org https://git.kernel.org/stable/c/4378be89ddb7de88d984b67ecfd6191686c42817 [No types assigned]

kernel.org https://git.kernel.org/stable/c/be27cd64461c45a6088a91a04eba5cd44e1767ef [No types assigned]