Overview
About vulnerability
In the Linux kernel, the following vulnerability has been resolved:
video: fbdev: nvidiafb: Use strscpy() to prevent buffer overflow
Coverity complains of a possible buffer overflow. However, given the ‘static’ scope of nvidia_setup_i2c_bus() it looks like that can’t happen after examining the call sites.
CID 19036 (#1 of 1): Copy into fixed size buffer (STRING_OVERFLOW)
- fixed_size_dest: You might overrun the 48-character fixed-size string chan->adapter.name by copying name without checking the length.
- parameter_as_source: Note: This defect has an elevated risk because the source argument is a parameter of the current function.
89 strcpy(chan->adapter.name, name);
Fix this warning by using strscpy() which will silence the warning and prevent any future buffer overflows should the names used to identify the channel become much longer.
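The following is an added example, not code from the kernel or from this advisory: a userspace model of the bounded-copy behaviour the fix relies on, applied to a 48-byte name field. The `demo_*` names, the `guard` field and the sample strings are constructed for illustration, and `demo_strscpy()` is a stand-in that returns `long` rather than the kernel's `ssize_t`.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>

#define ADAPTER_NAME_LEN 48 /* size of chan->adapter.name per the Coverity report */

/* Hypothetical stand-in for the kernel structure; only the name field matters. */
struct demo_adapter {
    char name[ADAPTER_NAME_LEN];
    unsigned int guard; /* neighbouring field an unbounded strcpy() could overwrite */
};

/*
 * Userspace model of the strscpy() contract: copy at most size-1 bytes,
 * always NUL-terminate when size > 0, and return the number of bytes
 * copied (excluding the NUL) or -E2BIG if the source had to be truncated.
 */
static long demo_strscpy(char *dst, const char *src, size_t size)
{
    size_t i;

    if (size == 0)
        return -E2BIG;
    for (i = 0; i < size - 1 && src[i] != '\0'; i++)
        dst[i] = src[i];
    dst[i] = '\0';
    return src[i] == '\0' ? (long)i : -E2BIG;
}

/* Bounded replacement for: strcpy(chan->adapter.name, name); */
static long demo_set_adapter_name(struct demo_adapter *a, const char *name)
{
    return demo_strscpy(a->name, name, sizeof(a->name));
}

int main(void)
{
    struct demo_adapter a = { .guard = 0xC0FFEEu };
    char long_name[80]; /* constructed over-long name: 79 'A' characters */
    long r;

    memset(long_name, 'A', sizeof(long_name) - 1);
    long_name[sizeof(long_name) - 1] = '\0';
    printf("short name: ret=%ld\n", demo_set_adapter_name(&a, "demo-i2c-0"));
    r = demo_set_adapter_name(&a, long_name);
    printf("long name:  ret=%ld stored=%zu guard_ok=%d\n",
           r, strlen(a.name), a.guard == 0xC0FFEEu);
    return 0;
}
```

A caller that needs to know about truncation checks for a negative return value; the destination is NUL-terminated either way.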
Details
- Affected product:
- CentOS 6 ELS, CloudLinux 6 ELS, Oracle Linux 6 ELS, Ubuntu 16.04 ELS
- Affected packages:
- kernel @ 2.6.32 (+4 more)