{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2023-52464", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-02-20T12:30:33.296Z", "datePublished": "2024-02-23T14:46:24.150Z", "dateUpdated": "2025-05-04T07:37:16.530Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T07:37:16.530Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nEDAC/thunderx: Fix possible out-of-bounds string access\n\nEnabling -Wstringop-overflow globally exposes a warning for a common bug\nin the usage of strncat():\n\n drivers/edac/thunderx_edac.c: In function 'thunderx_ocx_com_threaded_isr':\n drivers/edac/thunderx_edac.c:1136:17: error: 'strncat' specified bound 1024 equals destination size [-Werror=stringop-overflow=]\n 1136 | strncat(msg, other, OCX_MESSAGE_SIZE);\n | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n ...\n 1145 | strncat(msg, other, OCX_MESSAGE_SIZE);\n ...\n 1150 | strncat(msg, other, OCX_MESSAGE_SIZE);\n\n ...\n\nApparently the author of this driver expected strncat() to behave the\nway that strlcat() does, which uses the size of the destination buffer\nas its third argument rather than the length of the source buffer. The\nresult is that there is no check on the size of the allocated buffer.\n\nChange it to strlcat().\n\n [ bp: Trim compiler output, fixup commit message. ]"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/edac/thunderx_edac.c"], "versions": [{"version": "41003396f932d7f027725c7acebb6a7caa41dc3e", "lessThan": "71c17ee02538802ceafc830f0736aa35b564e601", "status": "affected", "versionType": "git"}, {"version": "41003396f932d7f027725c7acebb6a7caa41dc3e", "lessThan": "5da3b6e7196f0b4f3728e4e25eb20233a9ddfaf6", "status": "affected", "versionType": "git"}, {"version": "41003396f932d7f027725c7acebb6a7caa41dc3e", "lessThan": "6aa7865ba7ff7f0ede0035180fb3b9400ceb405a", "status": "affected", "versionType": "git"}, {"version": "41003396f932d7f027725c7acebb6a7caa41dc3e", "lessThan": "700cf4bead80fac994dcc43ae1ca5d86d8959b21", "status": "affected", "versionType": "git"}, {"version": "41003396f932d7f027725c7acebb6a7caa41dc3e", "lessThan": "9dbac9fdae6e3b411fc4c3fca3bf48f70609c398", "status": "affected", "versionType": "git"}, {"version": "41003396f932d7f027725c7acebb6a7caa41dc3e", "lessThan": "e1c86511241588efffaa49556196f09a498d5057", "status": "affected", "versionType": "git"}, {"version": "41003396f932d7f027725c7acebb6a7caa41dc3e", "lessThan": "426fae93c01dffa379225eb2bd4d3cdc42c6eec5", "status": "affected", "versionType": "git"}, {"version": "41003396f932d7f027725c7acebb6a7caa41dc3e", "lessThan": "475c58e1a471e9b873e3e39958c64a2d278275c8", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/edac/thunderx_edac.c"], "versions": [{"version": "4.12", "status": "affected"}, {"version": "0", "lessThan": "4.12", "status": "unaffected", "versionType": "semver"}, {"version": "4.19.306", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.268", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.209", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.148", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.75", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.14", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.7.2", "lessThanOrEqual": "6.7.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.8", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.12", "versionEndExcluding": "4.19.306"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.12", "versionEndExcluding": "5.4.268"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.12", "versionEndExcluding": "5.10.209"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.12", "versionEndExcluding": "5.15.148"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.12", "versionEndExcluding": "6.1.75"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.12", "versionEndExcluding": "6.6.14"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.12", "versionEndExcluding": "6.7.2"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.12", "versionEndExcluding": "6.8"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/71c17ee02538802ceafc830f0736aa35b564e601"}, {"url": "https://git.kernel.org/stable/c/5da3b6e7196f0b4f3728e4e25eb20233a9ddfaf6"}, {"url": "https://git.kernel.org/stable/c/6aa7865ba7ff7f0ede0035180fb3b9400ceb405a"}, {"url": "https://git.kernel.org/stable/c/700cf4bead80fac994dcc43ae1ca5d86d8959b21"}, {"url": "https://git.kernel.org/stable/c/9dbac9fdae6e3b411fc4c3fca3bf48f70609c398"}, {"url": "https://git.kernel.org/stable/c/e1c86511241588efffaa49556196f09a498d5057"}, {"url": "https://git.kernel.org/stable/c/426fae93c01dffa379225eb2bd4d3cdc42c6eec5"}, {"url": "https://git.kernel.org/stable/c/475c58e1a471e9b873e3e39958c64a2d278275c8"}], "title": "EDAC/thunderx: Fix possible out-of-bounds string access", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-52464", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-02-23T18:16:12.525994Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:24:08.394Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:03:19.771Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/71c17ee02538802ceafc830f0736aa35b564e601", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/5da3b6e7196f0b4f3728e4e25eb20233a9ddfaf6", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/6aa7865ba7ff7f0ede0035180fb3b9400ceb405a", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/700cf4bead80fac994dcc43ae1ca5d86d8959b21", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9dbac9fdae6e3b411fc4c3fca3bf48f70609c398", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e1c86511241588efffaa49556196f09a498d5057", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/426fae93c01dffa379225eb2bd4d3cdc42c6eec5", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/475c58e1a471e9b873e3e39958c64a2d278275c8", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", "tags": ["x_transferred"]}]}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/71c17ee02538802ceafc830f0736aa35b564e601", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/5da3b6e7196f0b4f3728e4e25eb20233a9ddfaf6", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/6aa7865ba7ff7f0ede0035180fb3b9400ceb405a", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/700cf4bead80fac994dcc43ae1ca5d86d8959b21", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9dbac9fdae6e3b411fc4c3fca3bf48f70609c398", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e1c86511241588efffaa49556196f09a498d5057", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/426fae93c01dffa379225eb2bd4d3cdc42c6eec5", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/475c58e1a471e9b873e3e39958c64a2d278275c8", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:03:19.771Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-52464", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-02-23T18:16:12.525994Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-23T19:01:13.131Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"title": "EDAC/thunderx: Fix possible out-of-bounds string access", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "41003396f932d7f027725c7acebb6a7caa41dc3e", "lessThan": "71c17ee02538802ceafc830f0736aa35b564e601", "versionType": "git"}, {"status": "affected", "version": "41003396f932d7f027725c7acebb6a7caa41dc3e", "lessThan": "5da3b6e7196f0b4f3728e4e25eb20233a9ddfaf6", "versionType": "git"}, {"status": "affected", "version": "41003396f932d7f027725c7acebb6a7caa41dc3e", "lessThan": "6aa7865ba7ff7f0ede0035180fb3b9400ceb405a", "versionType": "git"}, {"status": "affected", "version": "41003396f932d7f027725c7acebb6a7caa41dc3e", "lessThan": "700cf4bead80fac994dcc43ae1ca5d86d8959b21", "versionType": "git"}, {"status": "affected", "version": "41003396f932d7f027725c7acebb6a7caa41dc3e", "lessThan": "9dbac9fdae6e3b411fc4c3fca3bf48f70609c398", "versionType": "git"}, {"status": "affected", "version": "41003396f932d7f027725c7acebb6a7caa41dc3e", "lessThan": "e1c86511241588efffaa49556196f09a498d5057", "versionType": "git"}, {"status": "affected", "version": "41003396f932d7f027725c7acebb6a7caa41dc3e", "lessThan": "426fae93c01dffa379225eb2bd4d3cdc42c6eec5", "versionType": "git"}, {"status": "affected", "version": "41003396f932d7f027725c7acebb6a7caa41dc3e", "lessThan": "475c58e1a471e9b873e3e39958c64a2d278275c8", "versionType": "git"}], "programFiles": ["drivers/edac/thunderx_edac.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "4.12"}, {"status": "unaffected", "version": "0", "lessThan": "4.12", "versionType": "semver"}, {"status": "unaffected", "version": "4.19.306", "versionType": "semver", "lessThanOrEqual": "4.19.*"}, {"status": "unaffected", "version": "5.4.268", "versionType": "semver", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.209", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.148", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.75", "versionType": "semver", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.14", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.7.2", "versionType": "semver", "lessThanOrEqual": "6.7.*"}, {"status": "unaffected", "version": "6.8", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/edac/thunderx_edac.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/71c17ee02538802ceafc830f0736aa35b564e601"}, {"url": "https://git.kernel.org/stable/c/5da3b6e7196f0b4f3728e4e25eb20233a9ddfaf6"}, {"url": "https://git.kernel.org/stable/c/6aa7865ba7ff7f0ede0035180fb3b9400ceb405a"}, {"url": "https://git.kernel.org/stable/c/700cf4bead80fac994dcc43ae1ca5d86d8959b21"}, {"url": "https://git.kernel.org/stable/c/9dbac9fdae6e3b411fc4c3fca3bf48f70609c398"}, {"url": "https://git.kernel.org/stable/c/e1c86511241588efffaa49556196f09a498d5057"}, {"url": "https://git.kernel.org/stable/c/426fae93c01dffa379225eb2bd4d3cdc42c6eec5"}, {"url": "https://git.kernel.org/stable/c/475c58e1a471e9b873e3e39958c64a2d278275c8"}], "x_generator": {"engine": "bippy-1.2.0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nEDAC/thunderx: Fix possible out-of-bounds string access\n\nEnabling -Wstringop-overflow globally exposes a warning for a common bug\nin the usage of strncat():\n\n drivers/edac/thunderx_edac.c: In function 'thunderx_ocx_com_threaded_isr':\n drivers/edac/thunderx_edac.c:1136:17: error: 'strncat' specified bound 1024 equals destination size [-Werror=stringop-overflow=]\n 1136 | strncat(msg, other, OCX_MESSAGE_SIZE);\n | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n ...\n 1145 | strncat(msg, other, OCX_MESSAGE_SIZE);\n ...\n 1150 | strncat(msg, other, OCX_MESSAGE_SIZE);\n\n ...\n\nApparently the author of this driver expected strncat() to behave the\nway that strlcat() does, which uses the size of the destination buffer\nas its third argument rather than the length of the source buffer. The\nresult is that there is no check on the size of the allocated buffer.\n\nChange it to strlcat().\n\n [ bp: Trim compiler output, fixup commit message. ]"}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "4.19.306", "versionStartIncluding": "4.12"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.4.268", "versionStartIncluding": "4.12"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.10.209", "versionStartIncluding": "4.12"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.15.148", "versionStartIncluding": "4.12"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.1.75", "versionStartIncluding": "4.12"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.6.14", "versionStartIncluding": "4.12"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.7.2", "versionStartIncluding": "4.12"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.8", "versionStartIncluding": "4.12"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T07:37:16.530Z"}}}, "cveMetadata": {"cveId": "CVE-2023-52464", "state": "PUBLISHED", "dateUpdated": "2025-05-04T07:37:16.530Z", "dateReserved": "2024-02-20T12:30:33.296Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-02-23T14:46:24.150Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "9505037C-AC94-4E5C-BF56-B3EAE3BEE109", "versionEndExcluding": "4.19.306", "versionStartIncluding": "4.12.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "35ADF607-EDCA-45AB-8FB6-9F2D40D47C0C", "versionEndExcluding": "5.4.268", "versionStartIncluding": "4.20.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "5D2E4F24-2FBB-4434-8598-2B1499E566B5", "versionEndExcluding": "5.10.209", "versionStartIncluding": "5.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "E25E1389-4B0F-407A-9C94-5908FF3EE88B", "versionEndExcluding": "5.15.148", "versionStartIncluding": "5.11.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "2C4951FA-80C0-4B4C-9836-6E5035DEB0F9", "versionEndExcluding": "6.1.75", "versionStartIncluding": "5.16.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "BDBBEB0E-D13A-4567-8984-51C5375350B9", "versionEndExcluding": "6.6.14", "versionStartIncluding": "6.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "0EA3778C-730B-464C-8023-18CA6AC0B807", "versionEndExcluding": "6.7.2", "versionStartIncluding": "6.7.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nEDAC/thunderx: Fix possible out-of-bounds string access\n\nEnabling -Wstringop-overflow globally exposes a warning for a common bug\nin the usage of strncat():\n\n drivers/edac/thunderx_edac.c: In function 'thunderx_ocx_com_threaded_isr':\n drivers/edac/thunderx_edac.c:1136:17: error: 'strncat' specified bound 1024 equals destination size [-Werror=stringop-overflow=]\n 1136 | strncat(msg, other, OCX_MESSAGE_SIZE);\n | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n ...\n 1145 | strncat(msg, other, OCX_MESSAGE_SIZE);\n ...\n 1150 | strncat(msg, other, OCX_MESSAGE_SIZE);\n\n ...\n\nApparently the author of this driver expected strncat() to behave the\nway that strlcat() does, which uses the size of the destination buffer\nas its third argument rather than the length of the source buffer. The\nresult is that there is no check on the size of the allocated buffer.\n\nChange it to strlcat().\n\n [ bp: Trim compiler output, fixup commit message. ]"}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: EDAC/thunderx: corrige un posible acceso a cadenas fuera de los l\u00edmites Al habilitar -Wstringop-overflow globalmente se expone una advertencia para un error com\u00fan en el uso de strncat(): drivers/edac/ thunderx_edac.c: En la funci\u00f3n 'thunderx_ocx_com_threaded_isr': drivers/edac/thunderx_edac.c:1136:17: error: 'strncat' el l\u00edmite especificado 1024 es igual al tama\u00f1o de destino [-Werror=stringop-overflow=] 1136 | strncat(msj, otro, OCX_MESSAGE_SIZE); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ... 1145 | strncat(msj, otro, OCX_MESSAGE_SIZE); ... 1150 | strncat(msj, otro, OCX_MESSAGE_SIZE); ... Aparentemente, el autor de este controlador esperaba que strncat() se comportara de la manera que lo hace strlcat(), que utiliza el tama\u00f1o del b\u00fafer de destino como tercer argumento en lugar de la longitud del b\u00fafer de origen. El resultado es que no se comprueba el tama\u00f1o del b\u00fafer asignado. C\u00e1mbielo a strlcat(). [bp: recortar la salida del compilador, mensaje de confirmaci\u00f3n de reparaci\u00f3n. ]"}], "id": "CVE-2023-52464", "lastModified": "2024-11-21T08:39:49.893", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-02-23T15:15:08.647", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/426fae93c01dffa379225eb2bd4d3cdc42c6eec5"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/475c58e1a471e9b873e3e39958c64a2d278275c8"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/5da3b6e7196f0b4f3728e4e25eb20233a9ddfaf6"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/6aa7865ba7ff7f0ede0035180fb3b9400ceb405a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/700cf4bead80fac994dcc43ae1ca5d86d8959b21"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/71c17ee02538802ceafc830f0736aa35b564e601"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/9dbac9fdae6e3b411fc4c3fca3bf48f70609c398"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e1c86511241588efffaa49556196f09a498d5057"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/426fae93c01dffa379225eb2bd4d3cdc42c6eec5"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/475c58e1a471e9b873e3e39958c64a2d278275c8"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/5da3b6e7196f0b4f3728e4e25eb20233a9ddfaf6"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/6aa7865ba7ff7f0ede0035180fb3b9400ceb405a"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/700cf4bead80fac994dcc43ae1ca5d86d8959b21"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/71c17ee02538802ceafc830f0736aa35b564e601"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/9dbac9fdae6e3b411fc4c3fca3bf48f70609c398"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e1c86511241588efffaa49556196f09a498d5057"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2024:4352", "cpe": "cpe:/a:redhat:enterprise_linux:8::nfv", "package": "kernel-rt-0:4.18.0-553.8.1.rt7.349.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-07-08T00:00:00Z"}, {"advisory": "RHSA-2024:4211", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "kernel-0:4.18.0-553.8.1.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-07-02T00:00:00Z"}, {"advisory": "RHSA-2024:9315", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-503.11.1.el9_5", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-11-12T00:00:00Z"}, {"advisory": "RHSA-2024:9315", "cpe": "cpe:/o:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-503.11.1.el9_5", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-11-12T00:00:00Z"}], "bugzilla": {"description": "kernel: EDAC/thunderx: Incorrect buffer size in drivers/edac/thunderx_edac.c", "id": "2265800", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265800"}, "csaw": false, "cvss3": {"cvss3_base_score": "2.9", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:L", "status": "verified"}, "cwe": "CWE-805", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nEDAC/thunderx: Fix possible out-of-bounds string access\nEnabling -Wstringop-overflow globally exposes a warning for a common bug\nin the usage of strncat():\ndrivers/edac/thunderx_edac.c: In function 'thunderx_ocx_com_threaded_isr':\ndrivers/edac/thunderx_edac.c:1136:17: error: 'strncat' specified bound 1024 equals destination size [-Werror=stringop-overflow=]\n1136 | strncat(msg, other, OCX_MESSAGE_SIZE);\n| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n...\n1145 | strncat(msg, other, OCX_MESSAGE_SIZE);\n...\n1150 | strncat(msg, other, OCX_MESSAGE_SIZE);\n...\nApparently the author of this driver expected strncat() to behave the\nway that strlcat() does, which uses the size of the destination buffer\nas its third argument rather than the length of the source buffer. The\nresult is that there is no check on the size of the allocated buffer.\nChange it to strlcat().\n[ bp: Trim compiler output, fixup commit message. ]", "A flaw was found in the Linux Kernel. An improper buffer size is provided to the strncat function, which may result in an out-of-bounds write, leading to memory corruption or a denial of service."], "mitigation": {"lang": "en:us", "value": "No mitigation is currently available for this vulnerability. Make sure to perform the updates as they become available."}, "name": "CVE-2023-52464", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-02-23T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-52464\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-52464\nhttps://lore.kernel.org/linux-cve-announce/2024022336-CVE-2023-52464-b17c@gregkh/T/#u"], "statement": "Because the functions in question pass as arguments static strings with a known size, none of which exceed the size of the allocated buffer, this flaw is not known to be exploitable under any supported scenario.", "threat_severity": "Low"}

{}