Not to be fixed
Created: Feb 27, 2024
Updated: Mar 1, 2024
Resolved Date: Feb 29, 2024
Found In Version: 10.19.45.1
Severity: Standard
Applicable for: Wind River Linux LTS 19
Component/s: Kernel
In the Linux kernel, the following vulnerability has been resolved:
mtd: physmap: physmap-bt1-rom: Fix unintentional stack access
Cast &data to (char *) in order to avoid unintentionally accessing
the stack.
Notice that data is of type u32, so any increment to &data
will be in the order of 4-byte chunks, and this piece of code
is actually intended to be a byte offset.
Addresses-Coverity-ID: 1497765 ("Out-of-bounds access")
CREATE(Triage):(User=admin) CVE-2021-46965 (https://nvd.nist.gov/vuln/detail/CVE-2021-46965)