admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2021/CVE-2021-476xx/CVE-2021-47642.json
cad-safe-bot 6a206bf025 Auto-Update: 2025-03-09T03:00:19.873769+00:00
2025-03-09 03:03:50 +00:00

57 lines
3.6 KiB
JSON
Raw Blame History

{
"id": "CVE-2021-47642",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T06:37:05.993",
"lastModified": "2025-02-26T06:37:05.993",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvideo: fbdev: nvidiafb: Use strscpy() to prevent buffer overflow\n\nCoverity complains of a possible buffer overflow. However,\ngiven the 'static' scope of nvidia_setup_i2c_bus() it looks\nlike that can't happen after examiniing the call sites.\n\nCID 19036 (#1 of 1): Copy into fixed size buffer (STRING_OVERFLOW)\n1. fixed_size_dest: You might overrun the 48-character fixed-size string\n chan->adapter.name by copying name without checking the length.\n2. parameter_as_source: Note: This defect has an elevated risk because the\n source argument is a parameter of the current function.\n 89 strcpy(chan->adapter.name, name);\n\nFix this warning by using strscpy() which will silence the warning and\nprevent any future buffer overflows should the names used to identify the\nchannel become much longer."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: video: fbdev: nvidiafb: Use strscpy() para evitar el desbordamiento del b\u00fafer Coverity se queja de un posible desbordamiento del b\u00fafer. Sin embargo, dado el alcance 'est\u00e1tico' de nvidia_setup_i2c_bus(), parece que eso no puede suceder despu\u00e9s de examinar los sitios de llamada. CID 19036 (#1 de 1): Copiar en un b\u00fafer de tama\u00f1o fijo (STRING_OVERFLOW) 1. fixed_size_dest: Puede desbordar la cadena de tama\u00f1o fijo de 48 caracteres chan->adapter.name copiando name sin verificar la longitud. 2. parameter_as_source: Nota: Este defecto tiene un riesgo elevado porque el argumento source es un par\u00e1metro de la funci\u00f3n actual. 89 strcpy(chan->adapter.name, name); Corrija esta advertencia usando strscpy() que silenciar\u00e1 la advertencia y evitar\u00e1 futuros desbordamientos del b\u00fafer si los nombres utilizados para identificar el canal se vuelven mucho m\u00e1s largos."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/055cdd2e7b992921424d4daaa285ced787fb205f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/08dff482012758935c185532b1ad7d584785a86e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/37a1a2e6eeeb101285cd34e12e48a881524701aa",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/41baa86b6c802cdc6ab8ff2d46c083c9be93de81",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/47e5533adf118afaf06d25a3e2aaaab89371b1c5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/580e5d3815474b8349250c25c16416585a72c7fe",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/6a5226e544ac043bb2d8dc1bfe8920d02282f7cd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/72dd5c46a152136712a55bf026a9aa8c1b12b60d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9ff2f7294ab0f011cd4d1b7dcd9a07d8fdf72834",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}
Reference in New Issue View Git Blame Copy Permalink