In the Linux kernel, the following vulnerability has been resolved:
of: fdt: fix off-by-one error in unflattendtnodes()
Commit 78c44d910d3e ("drivers/of: Fix depth when unflattening devicetree") forgot to fix up the depth check in the loop body in unflattendtnodes() which makes it possible to overflow the nps[] buffer...
Found by Linux Verification Center (linuxtesting.org) with the SVACE static analysis tool.