mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 09:11:28 +00:00
53 lines
2.6 KiB
JSON
53 lines
2.6 KiB
JSON
{
|
|
"id": "CVE-2022-49058",
|
|
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
|
|
"published": "2025-02-26T07:00:43.047",
|
|
"lastModified": "2025-02-26T07:00:43.047",
|
|
"vulnStatus": "Received",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: potential buffer overflow in handling symlinks\n\nSmatch printed a warning:\n\tarch/x86/crypto/poly1305_glue.c:198 poly1305_update_arch() error:\n\t__memcpy() 'dctx->buf' too small (16 vs u32max)\n\nIt's caused because Smatch marks 'link_len' as untrusted since it comes\nfrom sscanf(). Add a check to ensure that 'link_len' is not larger than\nthe size of the 'link_str' buffer."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: cifs: desbordamiento de b\u00fafer potencial al manejar enlaces simb\u00f3licos Smatch imprimi\u00f3 una advertencia: arch/x86/crypto/poly1305_glue.c:198 poly1305_update_arch() error: __memcpy() 'dctx->buf' demasiado peque\u00f1o (16 vs u32max) Esto se debe a que Smatch marca 'link_len' como no confiable ya que proviene de sscanf(). Agregue una verificaci\u00f3n para asegurarse de que 'link_len' no sea m\u00e1s grande que el tama\u00f1o del b\u00fafer 'link_str'."
|
|
}
|
|
],
|
|
"metrics": {},
|
|
"references": [
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/1316c28569a80ab3596eeab05bf5e01991e7e739",
|
|
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
|
|
},
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/22d658c6c5affed10c8907e67160cef0b6c92186",
|
|
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
|
|
},
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/3e582749e742e662a8e9bb37cffac62dccaaa1e2",
|
|
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
|
|
},
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/4e166a41180be2f1e66bbb6d46448e80a9a5ec05",
|
|
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
|
|
},
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/515e7ba11ef043d6febe69389949c8ef5f25e9d0",
|
|
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
|
|
},
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/64c4a37ac04eeb43c42d272f6e6c8c12bfcf4304",
|
|
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
|
|
},
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/9901b07ba42b39266b34a888e48d7306fd707bee",
|
|
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
|
|
},
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/eb5f51756944735ac70cd8bb38637cc202e29c91",
|
|
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
|
|
}
|
|
]
|
|
} |