Enabling -Wstringop-overflow globally exposes a warning for a common bug in the usage of strncat(): drivers/edac/thunderx_edac.c: In function 'thunderx_ocx_com_threaded_isr': drivers/edac/thunderx_edac.c:1136:17: error: 'strncat' specified bound 1024 equals destination size [-Werror=stringop-overflow=] 1136 | strncat(msg, other, OCX_MESSAGE_SIZE); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ... 1145 | strncat(msg, other, OCX_MESSAGE_SIZE); ... 1150 | strncat(msg, other, OCX_MESSAGE_SIZE); ... Apparently the author of this driver expected strncat() to behave the way that strlcat() does, which uses the size of the destination buffer as its third argument rather than the length of the source buffer. The result is that there is no check on the size of the allocated buffer. Change it to strlcat(). [ bp: Trim compiler output, fixup commit message. ]
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 2265812]
https://lore.kernel.org/linux-cve-announce/2024022336-CVE-2023-52464-b17c@gregkh/T/#u Issue introduced in 4.12 with commit 41003396f932 and fixed in 4.19.306 with commit 71c17ee02538 Issue introduced in 4.12 with commit 41003396f932 and fixed in 5.4.268 with commit 5da3b6e7196f Issue introduced in 4.12 with commit 41003396f932 and fixed in 5.10.209 with commit 6aa7865ba7ff Issue introduced in 4.12 with commit 41003396f932 and fixed in 5.15.148 with commit 700cf4bead80 Issue introduced in 4.12 with commit 41003396f932 and fixed in 6.1.75 with commit 9dbac9fdae6e Issue introduced in 4.12 with commit 41003396f932 and fixed in 6.6.14 with commit e1c865112415 Issue introduced in 4.12 with commit 41003396f932 and fixed in 6.7.2 with commit 426fae93c01d Issue introduced in 4.12 with commit 41003396f932 and fixed in 6.8-rc1 with commit 475c58e1a471
This was fixed for Fedora with the 6.6.14 stable kernel updates.