In the Linux kernel, the following vulnerability has been resolved: tools/rtla: Fix clang warning about mountpoint var size clang is reporting this warning: $ make HOSTCC=clang CC=clang LLVMIAS=1 [...] clang -O -g -DVERSION=\"6.8.0-rc3\" -flto=auto -fexceptions -fstack-protector-strong -fasynchronous-unwind-tables -fstack-clash-protection -Wall -Werror=format-security -Wp,-DFORTIFYSOURCE=2 -Wp,-DGLIBCXXASSERTIONS $(pkg-config --cflags libtracefs) -c -o src/utils.o src/utils.c src/utils.c:548:66: warning: 'fscanf' may overflow; destination buffer in argument 3 has size 1024, but the corresponding specifier may require size 1025 [-Wfortify-source] 548 | while (fscanf(fp, "%s %" STR(MAX_PATH) "s %99s %s %d %d\n", mountpoint, type) == 2) { | ^ Increase mountpoint variable size to MAX_PATH+1 to avoid the overflow.
{ "availability": "No subscription required", "priority_reason": "Vulnerability is in a userspace tool used for tracing real-time events in the kernel.", "binaries": [ { "binary_name": "linux-aws-6.5-cloud-tools-6.5.0-1023", "binary_version": "6.5.0-1023.23~22.04.1" }, { "binary_name": "linux-aws-6.5-headers-6.5.0-1023", "binary_version": "6.5.0-1023.23~22.04.1" }, { "binary_name": "linux-aws-6.5-tools-6.5.0-1023", "binary_version": "6.5.0-1023.23~22.04.1" }, { "binary_name": "linux-buildinfo-6.5.0-1023-aws", "binary_version": "6.5.0-1023.23~22.04.1" }, { "binary_name": "linux-cloud-tools-6.5.0-1023-aws", "binary_version": "6.5.0-1023.23~22.04.1" }, { "binary_name": "linux-headers-6.5.0-1023-aws", "binary_version": "6.5.0-1023.23~22.04.1" }, { "binary_name": "linux-image-unsigned-6.5.0-1023-aws", "binary_version": "6.5.0-1023.23~22.04.1" }, { "binary_name": "linux-image-unsigned-6.5.0-1023-aws-dbgsym", "binary_version": "6.5.0-1023.23~22.04.1" }, { "binary_name": "linux-modules-6.5.0-1023-aws", "binary_version": "6.5.0-1023.23~22.04.1" }, { "binary_name": "linux-modules-extra-6.5.0-1023-aws", "binary_version": "6.5.0-1023.23~22.04.1" }, { "binary_name": "linux-tools-6.5.0-1023-aws", "binary_version": "6.5.0-1023.23~22.04.1" } ] }
{ "availability": "No subscription required", "priority_reason": "Vulnerability is in a userspace tool used for tracing real-time events in the kernel.", "binaries": [ { "binary_name": "linux-azure-6.5-cloud-tools-6.5.0-1024", "binary_version": "6.5.0-1024.25~22.04.1" }, { "binary_name": "linux-azure-6.5-headers-6.5.0-1024", "binary_version": "6.5.0-1024.25~22.04.1" }, { "binary_name": "linux-azure-6.5-tools-6.5.0-1024", "binary_version": "6.5.0-1024.25~22.04.1" }, { "binary_name": "linux-buildinfo-6.5.0-1024-azure", "binary_version": "6.5.0-1024.25~22.04.1" }, { "binary_name": "linux-cloud-tools-6.5.0-1024-azure", "binary_version": "6.5.0-1024.25~22.04.1" }, { "binary_name": "linux-headers-6.5.0-1024-azure", "binary_version": "6.5.0-1024.25~22.04.1" }, { "binary_name": "linux-image-unsigned-6.5.0-1024-azure", "binary_version": "6.5.0-1024.25~22.04.1" }, { "binary_name": "linux-image-unsigned-6.5.0-1024-azure-dbgsym", "binary_version": "6.5.0-1024.25~22.04.1" }, { "binary_name": "linux-modules-6.5.0-1024-azure", "binary_version": "6.5.0-1024.25~22.04.1" }, { "binary_name": "linux-modules-extra-6.5.0-1024-azure", "binary_version": "6.5.0-1024.25~22.04.1" }, { "binary_name": "linux-tools-6.5.0-1024-azure", "binary_version": "6.5.0-1024.25~22.04.1" } ] }
{ "availability": "No subscription required", "priority_reason": "Vulnerability is in a userspace tool used for tracing real-time events in the kernel.", "binaries": [ { "binary_name": "linux-buildinfo-6.5.0-1024-gcp", "binary_version": "6.5.0-1024.26~22.04.1" }, { "binary_name": "linux-gcp-6.5-headers-6.5.0-1024", "binary_version": "6.5.0-1024.26~22.04.1" }, { "binary_name": "linux-gcp-6.5-tools-6.5.0-1024", "binary_version": "6.5.0-1024.26~22.04.1" }, { "binary_name": "linux-headers-6.5.0-1024-gcp", "binary_version": "6.5.0-1024.26~22.04.1" }, { "binary_name": "linux-image-unsigned-6.5.0-1024-gcp", "binary_version": "6.5.0-1024.26~22.04.1" }, { "binary_name": "linux-image-unsigned-6.5.0-1024-gcp-dbgsym", "binary_version": "6.5.0-1024.26~22.04.1" }, { "binary_name": "linux-modules-6.5.0-1024-gcp", "binary_version": "6.5.0-1024.26~22.04.1" }, { "binary_name": "linux-modules-extra-6.5.0-1024-gcp", "binary_version": "6.5.0-1024.26~22.04.1" }, { "binary_name": "linux-modules-iwlwifi-6.5.0-1024-gcp", "binary_version": "6.5.0-1024.26~22.04.1" }, { "binary_name": "linux-tools-6.5.0-1024-gcp", "binary_version": "6.5.0-1024.26~22.04.1" } ] }
{ "availability": "No subscription required", "priority_reason": "Vulnerability is in a userspace tool used for tracing real-time events in the kernel.", "binaries": [ { "binary_name": "linux-buildinfo-6.5.0-44-generic", "binary_version": "6.5.0-44.44~22.04.1" }, { "binary_name": "linux-buildinfo-6.5.0-44-generic-64k", "binary_version": "6.5.0-44.44~22.04.1" }, { "binary_name": "linux-cloud-tools-6.5.0-44-generic", "binary_version": "6.5.0-44.44~22.04.1" }, { "binary_name": "linux-headers-6.5.0-44-generic", "binary_version": "6.5.0-44.44~22.04.1" }, { "binary_name": "linux-headers-6.5.0-44-generic-64k", "binary_version": "6.5.0-44.44~22.04.1" }, { "binary_name": "linux-hwe-6.5-cloud-tools-6.5.0-44", "binary_version": "6.5.0-44.44~22.04.1" }, { "binary_name": "linux-hwe-6.5-cloud-tools-common", "binary_version": "6.5.0-44.44~22.04.1" }, { "binary_name": "linux-hwe-6.5-headers-6.5.0-44", "binary_version": "6.5.0-44.44~22.04.1" }, { "binary_name": "linux-hwe-6.5-tools-6.5.0-44", "binary_version": "6.5.0-44.44~22.04.1" }, { "binary_name": "linux-hwe-6.5-tools-common", "binary_version": "6.5.0-44.44~22.04.1" }, { "binary_name": "linux-hwe-6.5-tools-host", "binary_version": "6.5.0-44.44~22.04.1" }, { "binary_name": "linux-image-6.5.0-44-generic", "binary_version": "6.5.0-44.44~22.04.1" }, { "binary_name": "linux-image-6.5.0-44-generic-dbgsym", "binary_version": "6.5.0-44.44~22.04.1" }, { "binary_name": "linux-image-unsigned-6.5.0-44-generic", "binary_version": "6.5.0-44.44~22.04.1" }, { "binary_name": "linux-image-unsigned-6.5.0-44-generic-64k", "binary_version": "6.5.0-44.44~22.04.1" }, { "binary_name": "linux-image-unsigned-6.5.0-44-generic-64k-dbgsym", "binary_version": "6.5.0-44.44~22.04.1" }, { "binary_name": "linux-image-unsigned-6.5.0-44-generic-dbgsym", "binary_version": "6.5.0-44.44~22.04.1" }, { "binary_name": "linux-modules-6.5.0-44-generic", "binary_version": "6.5.0-44.44~22.04.1" }, { "binary_name": "linux-modules-6.5.0-44-generic-64k", "binary_version": "6.5.0-44.44~22.04.1" }, { "binary_name": "linux-modules-extra-6.5.0-44-generic", "binary_version": "6.5.0-44.44~22.04.1" }, { "binary_name": "linux-modules-ipu6-6.5.0-44-generic", "binary_version": "6.5.0-44.44~22.04.1" }, { "binary_name": "linux-modules-ivsc-6.5.0-44-generic", "binary_version": "6.5.0-44.44~22.04.1" }, { "binary_name": "linux-modules-iwlwifi-6.5.0-44-generic", "binary_version": "6.5.0-44.44~22.04.1" }, { "binary_name": "linux-source-6.5.0", "binary_version": "6.5.0-44.44~22.04.1" }, { "binary_name": "linux-tools-6.5.0-44-generic", "binary_version": "6.5.0-44.44~22.04.1" }, { "binary_name": "linux-tools-6.5.0-44-generic-64k", "binary_version": "6.5.0-44.44~22.04.1" } ] }
{ "availability": "No subscription required", "priority_reason": "Vulnerability is in a userspace tool used for tracing real-time events in the kernel.", "binaries": [ { "binary_name": "linux-buildinfo-6.5.0-44-lowlatency", "binary_version": "6.5.0-44.44.1~22.04.1" }, { "binary_name": "linux-buildinfo-6.5.0-44-lowlatency-64k", "binary_version": "6.5.0-44.44.1~22.04.1" }, { "binary_name": "linux-cloud-tools-6.5.0-44-lowlatency", "binary_version": "6.5.0-44.44.1~22.04.1" }, { "binary_name": "linux-headers-6.5.0-44-lowlatency", "binary_version": "6.5.0-44.44.1~22.04.1" }, { "binary_name": "linux-headers-6.5.0-44-lowlatency-64k", "binary_version": "6.5.0-44.44.1~22.04.1" }, { "binary_name": "linux-image-unsigned-6.5.0-44-lowlatency", "binary_version": "6.5.0-44.44.1~22.04.1" }, { "binary_name": "linux-image-unsigned-6.5.0-44-lowlatency-64k", "binary_version": "6.5.0-44.44.1~22.04.1" }, { "binary_name": "linux-image-unsigned-6.5.0-44-lowlatency-64k-dbgsym", "binary_version": "6.5.0-44.44.1~22.04.1" }, { "binary_name": "linux-image-unsigned-6.5.0-44-lowlatency-dbgsym", "binary_version": "6.5.0-44.44.1~22.04.1" }, { "binary_name": "linux-lowlatency-hwe-6.5-cloud-tools-6.5.0-44", "binary_version": "6.5.0-44.44.1~22.04.1" }, { "binary_name": "linux-lowlatency-hwe-6.5-cloud-tools-common", "binary_version": "6.5.0-44.44.1~22.04.1" }, { "binary_name": "linux-lowlatency-hwe-6.5-headers-6.5.0-44", "binary_version": "6.5.0-44.44.1~22.04.1" }, { "binary_name": "linux-lowlatency-hwe-6.5-lib-rust-6.5.0-44-lowlatency", "binary_version": "6.5.0-44.44.1~22.04.1" }, { "binary_name": "linux-lowlatency-hwe-6.5-tools-6.5.0-44", "binary_version": "6.5.0-44.44.1~22.04.1" }, { "binary_name": "linux-lowlatency-hwe-6.5-tools-common", "binary_version": "6.5.0-44.44.1~22.04.1" }, { "binary_name": "linux-lowlatency-hwe-6.5-tools-host", "binary_version": "6.5.0-44.44.1~22.04.1" }, { "binary_name": "linux-modules-6.5.0-44-lowlatency", "binary_version": "6.5.0-44.44.1~22.04.1" }, { "binary_name": "linux-modules-6.5.0-44-lowlatency-64k", "binary_version": "6.5.0-44.44.1~22.04.1" }, { "binary_name": "linux-modules-iwlwifi-6.5.0-44-lowlatency", "binary_version": "6.5.0-44.44.1~22.04.1" }, { "binary_name": "linux-tools-6.5.0-44-lowlatency", "binary_version": "6.5.0-44.44.1~22.04.1" }, { "binary_name": "linux-tools-6.5.0-44-lowlatency-64k", "binary_version": "6.5.0-44.44.1~22.04.1" } ] }
{ "availability": "No subscription required", "priority_reason": "Vulnerability is in a userspace tool used for tracing real-time events in the kernel.", "binaries": [ { "binary_name": "linux-buildinfo-6.5.0-1023-nvidia", "binary_version": "6.5.0-1023.24" }, { "binary_name": "linux-buildinfo-6.5.0-1023-nvidia-64k", "binary_version": "6.5.0-1023.24" }, { "binary_name": "linux-headers-6.5.0-1023-nvidia", "binary_version": "6.5.0-1023.24" }, { "binary_name": "linux-headers-6.5.0-1023-nvidia-64k", "binary_version": "6.5.0-1023.24" }, { "binary_name": "linux-image-unsigned-6.5.0-1023-nvidia", "binary_version": "6.5.0-1023.24" }, { "binary_name": "linux-image-unsigned-6.5.0-1023-nvidia-64k", "binary_version": "6.5.0-1023.24" }, { "binary_name": "linux-image-unsigned-6.5.0-1023-nvidia-64k-dbgsym", "binary_version": "6.5.0-1023.24" }, { "binary_name": "linux-image-unsigned-6.5.0-1023-nvidia-dbgsym", "binary_version": "6.5.0-1023.24" }, { "binary_name": "linux-modules-6.5.0-1023-nvidia", "binary_version": "6.5.0-1023.24" }, { "binary_name": "linux-modules-6.5.0-1023-nvidia-64k", "binary_version": "6.5.0-1023.24" }, { "binary_name": "linux-modules-extra-6.5.0-1023-nvidia", "binary_version": "6.5.0-1023.24" }, { "binary_name": "linux-modules-nvidia-fs-6.5.0-1023-nvidia", "binary_version": "6.5.0-1023.24" }, { "binary_name": "linux-modules-nvidia-fs-6.5.0-1023-nvidia-64k", "binary_version": "6.5.0-1023.24" }, { "binary_name": "linux-nvidia-6.5-headers-6.5.0-1023", "binary_version": "6.5.0-1023.24" }, { "binary_name": "linux-nvidia-6.5-tools-6.5.0-1023", "binary_version": "6.5.0-1023.24" }, { "binary_name": "linux-nvidia-6.5-tools-host", "binary_version": "6.5.0-1023.24" }, { "binary_name": "linux-tools-6.5.0-1023-nvidia", "binary_version": "6.5.0-1023.24" }, { "binary_name": "linux-tools-6.5.0-1023-nvidia-64k", "binary_version": "6.5.0-1023.24" } ] }
{ "availability": "No subscription required", "priority_reason": "Vulnerability is in a userspace tool used for tracing real-time events in the kernel.", "binaries": [ { "binary_name": "linux-buildinfo-6.5.0-1027-oem", "binary_version": "6.5.0-1027.28" }, { "binary_name": "linux-headers-6.5.0-1027-oem", "binary_version": "6.5.0-1027.28" }, { "binary_name": "linux-image-unsigned-6.5.0-1027-oem", "binary_version": "6.5.0-1027.28" }, { "binary_name": "linux-image-unsigned-6.5.0-1027-oem-dbgsym", "binary_version": "6.5.0-1027.28" }, { "binary_name": "linux-modules-6.5.0-1027-oem", "binary_version": "6.5.0-1027.28" }, { "binary_name": "linux-modules-ipu6-6.5.0-1027-oem", "binary_version": "6.5.0-1027.28" }, { "binary_name": "linux-modules-ivsc-6.5.0-1027-oem", "binary_version": "6.5.0-1027.28" }, { "binary_name": "linux-modules-iwlwifi-6.5.0-1027-oem", "binary_version": "6.5.0-1027.28" }, { "binary_name": "linux-modules-usbio-6.5.0-1027-oem", "binary_version": "6.5.0-1027.28" }, { "binary_name": "linux-oem-6.5-headers-6.5.0-1027", "binary_version": "6.5.0-1027.28" }, { "binary_name": "linux-oem-6.5-lib-rust-6.5.0-1027-oem", "binary_version": "6.5.0-1027.28" }, { "binary_name": "linux-oem-6.5-tools-6.5.0-1027", "binary_version": "6.5.0-1027.28" }, { "binary_name": "linux-oem-6.5-tools-host", "binary_version": "6.5.0-1027.28" }, { "binary_name": "linux-tools-6.5.0-1027-oem", "binary_version": "6.5.0-1027.28" } ] }
{ "availability": "No subscription required", "priority_reason": "Vulnerability is in a userspace tool used for tracing real-time events in the kernel.", "binaries": [ { "binary_name": "linux-buildinfo-6.5.0-1026-oracle", "binary_version": "6.5.0-1026.26~22.04.1" }, { "binary_name": "linux-buildinfo-6.5.0-1026-oracle-64k", "binary_version": "6.5.0-1026.26~22.04.1" }, { "binary_name": "linux-headers-6.5.0-1026-oracle", "binary_version": "6.5.0-1026.26~22.04.1" }, { "binary_name": "linux-headers-6.5.0-1026-oracle-64k", "binary_version": "6.5.0-1026.26~22.04.1" }, { "binary_name": "linux-image-unsigned-6.5.0-1026-oracle", "binary_version": "6.5.0-1026.26~22.04.1" }, { "binary_name": "linux-image-unsigned-6.5.0-1026-oracle-64k", "binary_version": "6.5.0-1026.26~22.04.1" }, { "binary_name": "linux-image-unsigned-6.5.0-1026-oracle-64k-dbgsym", "binary_version": "6.5.0-1026.26~22.04.1" }, { "binary_name": "linux-image-unsigned-6.5.0-1026-oracle-dbgsym", "binary_version": "6.5.0-1026.26~22.04.1" }, { "binary_name": "linux-modules-6.5.0-1026-oracle", "binary_version": "6.5.0-1026.26~22.04.1" }, { "binary_name": "linux-modules-6.5.0-1026-oracle-64k", "binary_version": "6.5.0-1026.26~22.04.1" }, { "binary_name": "linux-modules-extra-6.5.0-1026-oracle", "binary_version": "6.5.0-1026.26~22.04.1" }, { "binary_name": "linux-modules-extra-6.5.0-1026-oracle-64k", "binary_version": "6.5.0-1026.26~22.04.1" }, { "binary_name": "linux-oracle-6.5-headers-6.5.0-1026", "binary_version": "6.5.0-1026.26~22.04.1" }, { "binary_name": "linux-oracle-6.5-tools-6.5.0-1026", "binary_version": "6.5.0-1026.26~22.04.1" }, { "binary_name": "linux-tools-6.5.0-1026-oracle", "binary_version": "6.5.0-1026.26~22.04.1" }, { "binary_name": "linux-tools-6.5.0-1026-oracle-64k", "binary_version": "6.5.0-1026.26~22.04.1" } ] }
{ "availability": "No subscription required", "priority_reason": "Vulnerability is in a userspace tool used for tracing real-time events in the kernel.", "binaries": [ { "binary_name": "linux-buildinfo-6.5.0-1017-starfive", "binary_version": "6.5.0-1017.18~22.04.1" }, { "binary_name": "linux-headers-6.5.0-1017-starfive", "binary_version": "6.5.0-1017.18~22.04.1" }, { "binary_name": "linux-image-6.5.0-1017-starfive", "binary_version": "6.5.0-1017.18~22.04.1" }, { "binary_name": "linux-image-6.5.0-1017-starfive-dbgsym", "binary_version": "6.5.0-1017.18~22.04.1" }, { "binary_name": "linux-modules-6.5.0-1017-starfive", "binary_version": "6.5.0-1017.18~22.04.1" }, { "binary_name": "linux-modules-extra-6.5.0-1017-starfive", "binary_version": "6.5.0-1017.18~22.04.1" }, { "binary_name": "linux-starfive-6.5-headers-6.5.0-1017", "binary_version": "6.5.0-1017.18~22.04.1" }, { "binary_name": "linux-starfive-6.5-tools-6.5.0-1017", "binary_version": "6.5.0-1017.18~22.04.1" }, { "binary_name": "linux-tools-6.5.0-1017-starfive", "binary_version": "6.5.0-1017.18~22.04.1" } ] }
{ "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro", "priority_reason": "Vulnerability is in a userspace tool used for tracing real-time events in the kernel.", "binaries": [ { "binary_name": "linux-buildinfo-6.8.0-2002-raspi-realtime", "binary_version": "6.8.0-2002.2" }, { "binary_name": "linux-headers-6.8.0-2002-raspi-realtime", "binary_version": "6.8.0-2002.2" }, { "binary_name": "linux-image-6.8.0-2002-raspi-realtime", "binary_version": "6.8.0-2002.2" }, { "binary_name": "linux-image-6.8.0-2002-raspi-realtime-dbgsym", "binary_version": "6.8.0-2002.2" }, { "binary_name": "linux-modules-6.8.0-2002-raspi-realtime", "binary_version": "6.8.0-2002.2" }, { "binary_name": "linux-raspi-realtime-headers-6.8.0-2002", "binary_version": "6.8.0-2002.2" }, { "binary_name": "linux-raspi-realtime-tools-6.8.0-2002", "binary_version": "6.8.0-2002.2" }, { "binary_name": "linux-tools-6.8.0-2002-raspi-realtime", "binary_version": "6.8.0-2002.2" } ] }