Acknowledged

LIN1022-25098 : Security Advisory - linux - CVE-2026-31786

Created: May 12, 2026    Updated: May 14, 2026
Found In Version: 10.22.33.2
Severity: Standard
Applicable for: Wind River Linux LTS 22
Component/s: Kernel

Description

In the Linux kernel, the following vulnerability has been resolved:

Buffer overflow in drivers/xen/sys-hypervisor.c

The build id returned by HYPERVISOR_xen_version(XENVER_build_id) is neither NUL terminated nor a string.

The first causes a buffer overflow as sprintf in buildid_show will read and copy till it finds a NUL.

00000000  f4 91 51 f4 dd 38 9e 9d  65 47 52 eb 10 71 db 50  |..Q..8..eGR..q.P|
00000010  b9 a8 01 42 6f 2e 32                              |...Bo.2|
00000017

So use a memcpy instead of sprintf to have the correct value:

00000000  f4 91 51 f4 dd 00 9e 9d  65 47 52 eb 10 71 db 50  |..Q.....eGR..q.P|
00000010  b9 a8 01 42                                       |...B|
00000014

(the above have a hack to embed a zero inside and check it's returned correctly).

This is XSA-485 / CVE-2026-31786
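The following user-space program is an added illustration of the two behaviours the commit message contrasts; it is not the kernel's drivers/xen/sys-hypervisor.c code nor Xen's reply structure. It assumes a hypothetical `struct build_id_reply` (a declared length plus raw bytes) standing in for the hypercall result, and constructs a sample in which the 20 id bytes from the advisory's hexdump are followed by unrelated neighbouring bytes "o.2" and a NUL, so the `%s` walk past the id runs into defined memory instead of undefined behaviour. Reading the raw id through `sprintf("%s")` yields 23 bytes (the first hexdump) or, with the commit's embedded-zero hack, only 5; copying exactly `len` bytes with `memcpy` always yields the 20-byte id.

```c
#include <stdio.h>
#include <string.h>
#include <stdint.h>
#include <stddef.h>

/* Hypothetical stand-in for the hypercall reply (assumption; not the
 * kernel's or Xen's definition): a length followed by `len` raw bytes.
 * The bytes are NOT NUL terminated and may legitimately contain 0x00. */
struct build_id_reply {
    uint32_t len;
    unsigned char buf[64];
};

/* Constructed sample: the 20 id bytes shown in the advisory's hexdump,
 * deliberately followed by neighbouring bytes "o.2" and a NUL so that a
 * %s read past the id has something defined to run into. */
static struct build_id_reply make_sample(int embed_zero)
{
    static const unsigned char id[20] = {
        0xf4,0x91,0x51,0xf4,0xdd,0x38,0x9e,0x9d,0x65,0x47,0x52,0xeb,0x10,0x71,0xdb,0x50,
        0xb9,0xa8,0x01,0x42 };
    struct build_id_reply r;
    memset(&r, 0, sizeof r);
    r.len = 20;
    memcpy(r.buf, id, 20);
    if (embed_zero)
        r.buf[5] = 0x00;            /* the commit's hack: a zero inside the id */
    memcpy(r.buf + 20, "o.2", 4);   /* adjacent memory, ending in a NUL */
    return r;
}

/* Buggy pattern: treats the raw id as a C string, so the copy runs until
 * the first 0x00 it meets, which may be before or after the real end.
 * Returns the number of bytes sprintf wrote (excluding its own NUL). */
static size_t buildid_show_sprintf(char *out, const struct build_id_reply *r)
{
    return (size_t) sprintf(out, "%s", (const char *) r->buf);
}

/* Fixed pattern: copy exactly the length the reply declares. */
static size_t buildid_show_memcpy(char *out, const struct build_id_reply *r)
{
    memcpy(out, r->buf, r->len);
    return r->len;
}

static void dump(const char *label, const char *p, size_t n)
{
    printf("%-8s (%2zu bytes):", label, n);
    for (size_t i = 0; i < n; i++)
        printf(" %02x", (unsigned char) p[i]);
    putchar('\n');
}

int main(void)
{
    char out[128];
    for (int embed_zero = 0; embed_zero < 2; embed_zero++) {
        struct build_id_reply r = make_sample(embed_zero);
        printf("embedded zero: %s\n", embed_zero ? "yes" : "no");
        size_t n = buildid_show_sprintf(out, &r);
        dump("sprintf", out, n);     /* 23 bytes, or 5 with the embedded zero */
        n = buildid_show_memcpy(out, &r);
        dump("memcpy", out, n);      /* always the 20-byte id */
    }
    return 0;
}
```

Run stand-alone, the program prints both copies for each variant; the sprintf line shows the three stray bytes `6f 2e 32` appended exactly as in the advisory's first hexdump, while the memcpy line matches the second.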