ghsa-c3h6-p6wc-j6mg
Vulnerability from github
In the Linux kernel, the following vulnerability has been resolved:
video: fbdev: nvidiafb: Use strscpy() to prevent buffer overflow
Coverity complains of a possible buffer overflow. However, given the 'static' scope of nvidia_setup_i2c_bus() it looks like that can't happen after examining the call sites.
CID 19036 (#1 of 1): Copy into fixed size buffer (STRING_OVERFLOW)

1. fixed_size_dest: You might overrun the 48-character fixed-size string chan->adapter.name by copying name without checking the length.
2. parameter_as_source: Note: This defect has an elevated risk because the source argument is a parameter of the current function.

89 strcpy(chan->adapter.name, name);
Fix this warning by using strscpy() which will silence the warning and prevent any future buffer overflows should the names used to identify the channel become much longer.
{ "affected": [], "aliases": [ "CVE-2021-47642" ], "database_specific": { "cwe_ids": [ "CWE-787" ], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2025-02-26T06:37:05Z", "severity": "HIGH" }, "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nvideo: fbdev: nvidiafb: Use strscpy() to prevent buffer overflow\n\nCoverity complains of a possible buffer overflow. However,\ngiven the \u0027static\u0027 scope of nvidia_setup_i2c_bus() it looks\nlike that can\u0027t happen after examiniing the call sites.\n\nCID 19036 (#1 of 1): Copy into fixed size buffer (STRING_OVERFLOW)\n1. fixed_size_dest: You might overrun the 48-character fixed-size string\n chan-\u003eadapter.name by copying name without checking the length.\n2. parameter_as_source: Note: This defect has an elevated risk because the\n source argument is a parameter of the current function.\n 89 strcpy(chan-\u003eadapter.name, name);\n\nFix this warning by using strscpy() which will silence the warning and\nprevent any future buffer overflows should the names used to identify the\nchannel become much longer.", "id": "GHSA-c3h6-p6wc-j6mg", "modified": "2025-09-23T21:30:53Z", "published": "2025-09-23T21:30:53Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47642" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/055cdd2e7b992921424d4daaa285ced787fb205f" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/08dff482012758935c185532b1ad7d584785a86e" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/37a1a2e6eeeb101285cd34e12e48a881524701aa" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/41baa86b6c802cdc6ab8ff2d46c083c9be93de81" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/47e5533adf118afaf06d25a3e2aaaab89371b1c5" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/580e5d3815474b8349250c25c16416585a72c7fe" }, { "type": "WEB", "url": 
"https://git.kernel.org/stable/c/6a5226e544ac043bb2d8dc1bfe8920d02282f7cd" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/72dd5c46a152136712a55bf026a9aa8c1b12b60d" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/9ff2f7294ab0f011cd4d1b7dcd9a07d8fdf72834" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" } ] }
Sightings
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.