VYPR
Unrated severityNVD Advisory· Published Feb 26, 2025· Updated Oct 1, 2025

cifs: potential buffer overflow in handling symlinks

CVE-2022-49058

Description

In the Linux kernel, the following vulnerability has been resolved:

cifs: potential buffer overflow in handling symlinks

Smatch printed a warning: arch/x86/crypto/poly1305_glue.c:198 poly1305_update_arch() error: __memcpy() 'dctx->buf' too small (16 vs u32max)

It's caused because Smatch marks 'link_len' as untrusted since it comes from sscanf(). Add a check to ensure that 'link_len' is not larger than the size of the 'link_str' buffer.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

171

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.