Description
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Prevent lpfc_debugfs_lockstat_write() buffer overflow A static code analysis tool flagged the possibility of buffer overflow when using copy_from_user() for a debugfs entry. Currently, it is possible that copy_from_user() copies more bytes than what would fit in the mybuf char array. Add a min() restriction check between sizeof(mybuf) - 1 and nbytes passed from the userspace buffer to protect against buffer overflow.
Product status
6a828b0f6192b4930894925d1c1d0dc1f1d99e6e (git) before 644a9d5e22761a41d5005a26996a643da96de962
6a828b0f6192b4930894925d1c1d0dc1f1d99e6e (git) before e0e7faee3a7dd6f51350cda64997116a247eb045
6a828b0f6192b4930894925d1c1d0dc1f1d99e6e (git) before f91037487036e2d2f18d3c2481be6b9a366bde7f
6a828b0f6192b4930894925d1c1d0dc1f1d99e6e (git) before a9df88cb31dcbd72104ec5883f35cbc1fb587e47
6a828b0f6192b4930894925d1c1d0dc1f1d99e6e (git) before ad050f6cf681ebb850a9d4bc19474d3896476301
6a828b0f6192b4930894925d1c1d0dc1f1d99e6e (git) before c6087b82a9146826564a55c5ca0164cac40348f5
5.1
Any version before 5.1
5.4.244 (semver)
5.10.181 (semver)
5.15.113 (semver)
6.1.30 (semver)
6.3.4 (semver)
6.4 (original_commit_for_fix)
References
git.kernel.org/...c/644a9d5e22761a41d5005a26996a643da96de962
git.kernel.org/...c/e0e7faee3a7dd6f51350cda64997116a247eb045
git.kernel.org/...c/f91037487036e2d2f18d3c2481be6b9a366bde7f
git.kernel.org/...c/a9df88cb31dcbd72104ec5883f35cbc1fb587e47
git.kernel.org/...c/ad050f6cf681ebb850a9d4bc19474d3896476301
git.kernel.org/...c/c6087b82a9146826564a55c5ca0164cac40348f5