[U-Boot] [PATCH v2 4/5] CVE-2019-14195: nfs: fix unbounded memcpy with unvalidated length at nfs_readlink_reply //RE: [PATCH 4/5] CVE-2019-14195: nfs: fix unbounded memcpy with unvalidated length at nfs_readlink_reply

Joe Hershberger joe.hershberger at ni.com
Tue Sep 3 18:31:26 UTC 2019


On Thu, Aug 29, 2019 at 8:50 AM liucheng (G) <liucheng32 at huawei.com> wrote:
>
> Changes in v2:
> - Add reported-by tag for patch 4/5
> --------------------------------------------------------------------------------------------------------------
> CVE-2019-14195: nfs: fix unbounded memcpy with unvalidated length at nfs_readlink_reply
>
> This patch adds a check to rpc_pkt.u.reply.data at nfs_readlink_reply.
>
> Signed-off-by: Cheng Liu <liucheng32 at huawei.com>
> Reported-by: Fermín Serna <fermin at semmle.com>

Acked-by: Joe Hershberger <joe.hershberger at ni.com>


More information about the U-Boot mailing list