[U-Boot] [PATCH v2 5/5] CVE-2019-14196: nfs: fix unbounded memcpy with a failed length check at nfs_lookup_reply //RE: [PATCH 5/5] CVE-2019-14196: nfs: fix unbounded memcpy with a failed length check at nfs_lookup_reply

Joe Hershberger joe.hershberger at ni.com
Tue Sep 3 18:33:16 UTC 2019


On Thu, Aug 29, 2019 at 8:49 AM liucheng (G) <liucheng32 at huawei.com> wrote:
>
> Changes in v2:
> - Add reported-by tag for patch 5/5
> --------------------------------------------------------------------------------------------------------------
> CVE-2019-14196: nfs: fix unbounded memcpy with a failed length check at nfs_lookup_reply
>
> This patch adds a check to rpc_pkt.u.reply.data at nfs_lookup_reply.
>
> Signed-off-by: Cheng Liu <liucheng32 at huawei.com>
> Reported-by: Fermín Serna <fermin at semmle.com>

Acked-by: Joe Hershberger <joe.hershberger at ni.com>


More information about the U-Boot mailing list