VYPR
Unrated severityNVD Advisory· Published May 30, 2024· Updated May 4, 2025

bna: ensure the copied buf is NUL terminated

CVE-2024-36934

Description

In the Linux kernel, the following vulnerability has been resolved:

bna: ensure the copied buf is NUL terminated

Currently, we allocate a nbytes-sized kernel buffer and copy nbytes from userspace to that buffer. Later, we use sscanf on this buffer but we don't ensure that the string is terminated inside the buffer, this can lead to OOB read when using sscanf. Fix this issue by using memdup_user_nul instead of memdup_user.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

118

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.