Описание
The kernel strncpy function in Linux 2.4 and 2.5 does not %NUL pad the buffer on architectures other than x86, as opposed to the expected behavior of strncpy as implemented in libc, which could lead to information leaks.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| linux-2.6 | not-affected | package | ||
| kernel-source-2.4.27 | fixed | 2.4.27-8 | package |
Примечания
generic .c version fixed in 2.6.x but not in 2.4.x
arch specific asm versions:
x86 is not affected
ppc32 fixed in 2.4.22-rc4
not an issue on alpha, see bug #280492
above fixes s390x, ppc64 and s390 and generic C version
EPSS
Связанные уязвимости
The kernel strncpy function in Linux 2.4 and 2.5 does not %NUL pad the buffer on architectures other than x86, as opposed to the expected behavior of strncpy as implemented in libc, which could lead to information leaks.
The kernel strncpy function in Linux 2.4 and 2.5 does not %NUL pad the buffer on architectures other than x86, as opposed to the expected behavior of strncpy as implemented in libc, which could lead to information leaks.
The kernel strncpy function in Linux 2.4 and 2.5 does not %NUL pad the buffer on architectures other than x86, as opposed to the expected behavior of strncpy as implemented in libc, which could lead to information leaks.
EPSS