Public bug reported:

SRU Justification:

[Impact]
The sysfs store/show functions use sprintf without specifying a size which 
could lead to potential buffer overflow.

[Fix]
Replace sprintf with snprintf to avoid buffer overflow. Also, remove the 
redundant strlen usage since count is already available in the _store functions.

[Test Plan]
Read/write access to the EEPROM MFG fields can be tested via the sysfs entries 
that are exposed by the driver. Please note that the MFG partition is locked in 
order to protect the data and this could block all writes to it. In order to 
enable writes to the EEPROM, the MFG Info needs to be reset via the UEFI Device 
Manager.

[Regression Potential]
Can be considered minimal.

** Affects: linux-bluefield (Ubuntu)
     Importance: Undecided
         Status: New

https://bugs.launchpad.net/bugs/1931981

Title:
  mlx-bootctl: Fix potential buffer overflow
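
The bounded pattern described under [Fix], as an added user-space example that is not part of the original report and not the driver's own code. The handler names, the 24-byte field width and the sample values are assumptions made for illustration; a kernel handler would take the usual sysfs arguments and be given a page-sized buffer.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>

#define MFG_FIELD_LEN 24                   /* hypothetical field width */
static char mfg_field[MFG_FIELD_LEN + 1];  /* stand-in for the EEPROM-backed value */

/* _store-style handler: count is the number of bytes written to the sysfs file. */
ssize_t mfg_field_store(const char *buf, size_t count)
{
    /* Unbounded pattern being replaced: sprintf(mfg_field, "%s", buf);
     * with strlen(buf) recomputing a length that count already carries. */
    if (count > MFG_FIELD_LEN)
        return -EINVAL;                    /* reject instead of truncating silently */
    snprintf(mfg_field, sizeof(mfg_field), "%.*s", (int)count, buf);
    mfg_field[strcspn(mfg_field, "\n")] = '\0';   /* drop the newline echo appends */
    return (ssize_t)count;
}

/* _show-style handler: size is the capacity of the output buffer. */
ssize_t mfg_field_show(char *buf, size_t size)
{
    int n;

    if (size == 0)
        return -EINVAL;
    n = snprintf(buf, size, "%s\n", mfg_field);
    if (n < 0)
        return -EIO;
    /* snprintf returns the length it wanted to write; report what actually fits. */
    return (size_t)n >= size ? (ssize_t)size - 1 : (ssize_t)n;
}

int main(void)
{
    char page[4096];
    char oversized[64];

    memset(oversized, 'A', sizeof(oversized) - 1);
    oversized[sizeof(oversized) - 1] = '\0';

    printf("store ok:   %zd\n", mfg_field_store("SN12345\n", 8));       /* constructed input */
    printf("store long: %zd\n", mfg_field_store(oversized, strlen(oversized)));
    printf("show:       %zd bytes\n", mfg_field_show(page, sizeof(page)));
    return 0;
}
```

Because snprintf reports the length it would have written, the show path clamps the return value to what fits in the buffer.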
