{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2024-26818","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-02-19T14:20:24.180Z","datePublished":"2024-04-17T09:43:46.582Z","dateUpdated":"2025-05-04T08:57:15.861Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-05-04T08:57:15.861Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ntools/rtla: Fix clang warning about mount_point var size\n\nclang is reporting this warning:\n\n$ make HOSTCC=clang CC=clang LLVM_IAS=1\n[...]\nclang -O -g -DVERSION=\\\"6.8.0-rc3\\\" -flto=auto -fexceptions\n\t-fstack-protector-strong -fasynchronous-unwind-tables\n\t-fstack-clash-protection  -Wall -Werror=format-security\n\t-Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS\n\t$(pkg-config --cflags libtracefs)    -c -o src/utils.o src/utils.c\n\nsrc/utils.c:548:66: warning: 'fscanf' may overflow; destination buffer in argument 3 has size 1024, but the corresponding specifier may require size 1025 [-Wfortify-source]\n  548 |         while (fscanf(fp, \"%*s %\" STR(MAX_PATH) \"s %99s %*s %*d %*d\\n\", mount_point, type) == 2) {\n      |                                                                         ^\n\nIncrease mount_point variable size to MAX_PATH+1 to avoid the overflow."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["tools/tracing/rtla/src/utils.c"],"versions":[{"version":"a957cbc02531a23beeac6dd9e751f8d4dadaf7a9","lessThan":"8a585914c266dc044f53b5c83c170f79b45fcf9a","status":"affected","versionType":"git"},{"version":"a957cbc02531a23beeac6dd9e751f8d4dadaf7a9","lessThan":"6bdd43f62ab3bb5a306af7f0ab857af45777f5a8","status":"affected","versionType":"git"},{"version":"a957cbc02531a23beeac6dd9e751f8d4dadaf7a9","lessThan":"30369084ac6e27479a347899e74f523e6ca29b89","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["tools/tracing/rtla/src/utils.c"],"versions":[{"version":"6.5","status":"affected"},{"version":"0","lessThan":"6.5","status":"unaffected","versionType":"semver"},{"version":"6.6.18","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.7.6","lessThanOrEqual":"6.7.*","status":"unaffected","versionType":"semver"},{"version":"6.8","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.5","versionEndExcluding":"6.6.18"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.5","versionEndExcluding":"6.7.6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.5","versionEndExcluding":"6.8"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/8a585914c266dc044f53b5c83c170f79b45fcf9a"},{"url":"https://git.kernel.org/stable/c/6bdd43f62ab3bb5a306af7f0ab857af45777f5a8"},{"url":"https://git.kernel.org/stable/c/30369084ac6e27479a347899e74f523e6ca29b89"}],"title":"tools/rtla: Fix clang warning about mount_point var size","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-06-17T17:41:47.702177Z","id":"CVE-2024-26818","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-06-17T17:49:11.639Z"}},{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T00:14:13.532Z"},"title":"CVE Program Container","references":[{"url":"https://git.kernel.org/stable/c/8a585914c266dc044f53b5c83c170f79b45fcf9a","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/6bdd43f62ab3bb5a306af7f0ab857af45777f5a8","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/30369084ac6e27479a347899e74f523e6ca29b89","tags":["x_transferred"]}]}]}}