The kernel strncpy function in Linux 2.4 and 2.5 does not %NUL pad the buffer on architectures other than x86, as opposed to the expected behavior of strncpy as implemented in libc, which could lead to information leaks.

Threat-Mapped Scoring

Score: 0.0

Priority: Unclassified

EPSS

Score: 0.00473
Percentile: 0.63718

CVSS Scoring

Affected Products

• cpe:2.3:o:linux:linux_kernel:2.4.0:*:*:*:*:*:*:*
• cpe:2.3:o:linux:linux_kernel:2.5.0:*:*:*:*:*:*:*

← Back to Home