{"uuid": "3a9c6278-0199-4eea-bc22-a68d217a46b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52618", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16992", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-52618\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nblock/rnbd-srv: Check for unlikely string overflow\n\nSince \"dev_search_path\" can technically be as large as PATH_MAX,\nthere was a risk of truncation when copying it and a second string\ninto \"full_path\" since it was also PATH_MAX sized. The W=1 builds were\nreporting this warning:\n\ndrivers/block/rnbd/rnbd-srv.c: In function 'process_msg_open.isra':\ndrivers/block/rnbd/rnbd-srv.c:616:51: warning: '%s' directive output may be truncated writing up to 254 bytes into a region of size between 0 and 4095 [-Wformat-truncation=]\n  616 |                 snprintf(full_path, PATH_MAX, \"%s/%s\",\n      |                                                   ^~\nIn function 'rnbd_srv_get_full_path',\n    inlined from 'process_msg_open.isra' at drivers/block/rnbd/rnbd-srv.c:721:14: drivers/block/rnbd/rnbd-srv.c:616:17: note: 'snprintf' output between 2 and 4351 bytes into a destination of size 4096\n  616 |                 snprintf(full_path, PATH_MAX, \"%s/%s\",\n      |                 ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n  617 |                          dev_search_path, dev_name);\n      |                          ~~~~~~~~~~~~~~~~~~~~~~~~~~\n\nTo fix this, unconditionally check for truncation (as was already done\nfor the case where \"%SESSNAME%\" was present).\n\ud83d\udccf Published: 2024-03-18T10:19:05.275Z\n\ud83d\udccf Modified: 2025-05-20T14:27:29.992Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/95bc866c11974d3e4a9d922275ea8127ff809cf7\n2. https://git.kernel.org/stable/c/f6abd5e17da33eba15df2bddc93413e76c2b55f7\n3. https://git.kernel.org/stable/c/af7bbdac89739e2e7380387fda598848d3b7010f\n4. https://git.kernel.org/stable/c/5b9ea86e662035a886ccb5c76d56793cba618827\n5. https://git.kernel.org/stable/c/a2c6206f18104fba7f887bf4dbbfe4c41adc4339\n6. https://git.kernel.org/stable/c/9e4bf6a08d1e127bcc4bd72557f2dfafc6bc7f41", "creation_timestamp": "2025-05-20T14:40:58.000000Z"}