Security Advisory
CVE-2022-49058
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
In the Linux kernel, the following vulnerability has been resolved:

cifs: potential buffer overflow in handling symlinks

Smatch printed a warning:

    arch/x86/crypto/poly1305_glue.c:198 poly1305_update_arch() error: __memcpy() dctx->buf too small (16 vs u32max)

It's caused because Smatch marks link_len as untrusted since it comes from sscanf(). Add a check to ensure that link_len is not larger than the size of the link_str buffer.
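The pattern described above, as an added user-space example (not the kernel's code and not part of the original advisory): a length parsed with sscanf() is checked against the destination size before memcpy(). The header format, HDR_LEN, LINK_STR_SIZE, parse_link() and the extra source-length check are assumptions made for illustration; only link_len and link_str are names from the description.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical header layout and sizes for this example (not the kernel's). */
#define HDR_FMT       "LEN %4u\n"
#define HDR_LEN       9            /* "LEN " + 4 digits + '\n' */
#define LINK_STR_SIZE 32

/*
 * Parse "LEN nnnn\n<payload>" from a NUL-terminated buf of buf_len bytes and
 * copy the payload into link_str. Returns the payload length, or -EINVAL.
 */
int parse_link(const char *buf, size_t buf_len,
               char *link_str, size_t link_str_size)
{
    unsigned int link_len;

    if (buf_len < HDR_LEN)
        return -EINVAL;

    /* link_len comes from file contents via sscanf(), so it is untrusted. */
    if (sscanf(buf, HDR_FMT, &link_len) != 1)
        return -EINVAL;

    /* The check the description calls for: never exceed the destination. */
    if (link_len > link_str_size)
        return -EINVAL;

    /* Added assumption of this example: the source must hold link_len bytes. */
    if (link_len > buf_len - HDR_LEN)
        return -EINVAL;

    memcpy(link_str, buf + HDR_LEN, link_len);
    return (int)link_len;
}

int main(void)
{
    char link_str[LINK_STR_SIZE];
    const char *ok  = "LEN 0005\nhello";   /* constructed sample input */
    const char *bad = "LEN 9999\nhello";   /* constructed: declared length too large */

    printf("ok=%d bad=%d\n",
           parse_link(ok, strlen(ok), link_str, sizeof(link_str)),
           parse_link(bad, strlen(bad), link_str, sizeof(link_str)));
    return 0;
}
```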