Acknowledged

LIN1023-17441 : Security Advisory - linux - CVE-2025-68237

Created: Dec 16, 2025    Updated: Dec 18, 2025
Found In Version: 10.23.30.1
Severity: Standard
Applicable for: Wind River Linux LTS 23
Component/s: Kernel

Description

In the Linux kernel, the following vulnerability has been resolved:

mtdchar: fix integer overflow in read/write ioctls

The "req.start" and "req.len" variables are u64 values that come from the user at the start of the function. We mask away the high 32 bits of "req.len" so that's capped at U32_MAX but the "req.start" variable can go up to U64_MAX which means that the addition can still integer overflow.

Use check_add_overflow() to fix this bug.
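The wraparound described above, as an added userspace example (not the kernel patch and not Wind River code). It assumes the sum is compared against a device size, which the advisory does not state; `dev_size` and both function names are hypothetical, and `__builtin_add_overflow` (GCC/Clang) stands in for the kernel's `check_add_overflow()`.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Before: start + len is computed in u64 and can wrap past U64_MAX,
 * so a huge start compares as a small end offset. */
static bool range_ok_wrapping(uint64_t start, uint64_t len, uint64_t dev_size)
{
    len &= 0xffffffffULL;             /* high 32 bits of len masked away */
    return start + len <= dev_size;   /* assumed bounds check */
}

/* After: the request is rejected when the addition itself overflows. */
static bool range_ok_checked(uint64_t start, uint64_t len, uint64_t dev_size)
{
    uint64_t end;

    len &= 0xffffffffULL;
    if (__builtin_add_overflow(start, len, &end))
        return false;
    return end <= dev_size;
}

int main(void)
{
    const uint64_t dev_size = 1ULL << 20;   /* constructed: 1 MiB device */
    const uint64_t cases[][2] = {           /* constructed {start, len} pairs */
        { 0, 4096 },                        /* in range */
        { 1ULL << 20, 1 },                  /* one byte past the end */
        { UINT64_MAX - 15, 4096 },          /* sum wraps to 4080 */
    };

    for (size_t i = 0; i < sizeof(cases) / sizeof(cases[0]); i++)
        printf("start=%#llx len=%llu wrapping=%d checked=%d\n",
               (unsigned long long)cases[i][0],
               (unsigned long long)cases[i][1],
               range_ok_wrapping(cases[i][0], cases[i][1], dev_size),
               range_ok_checked(cases[i][0], cases[i][1], dev_size));
    return 0;
}
```

Only the third case differs between the two functions: the unchecked sum wraps to a value inside the device, while the checked version rejects the request.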