CVE-2025-71197

NONE EPSS 9.0%
Published Feb 4, 20264mo ago · Modified Jun 17, 20261w ago
Find Similar
Published Feb 4, 2026 4mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: w1: therm: Fix off-by-one buffer overflow in alarms_store The sysfs buffer passed to alarms_store() is allocated with 'size + 1' bytes and a NUL terminator is appended. However, the 'size' argument does not account for this extra byte. The original code then allocated 'size' bytes and used strcpy() to copy 'buf', which always writes one byte past the allocated buffer since strcpy() copies until the NUL terminator at index 'size'. Fix this by parsing the 'buf' parameter directly using simple_strtoll() without allocating any intermediate memory or string copying. This removes the overflow while simplifying the code.

Threat Intelligence

EPSS Exploit Probability
9.0% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

References 7

  • git.kernel.org https://git.kernel.org/stable/c/060b08d72a38b158a7f850d4b83c17c2969e0f6b
  • git.kernel.org https://git.kernel.org/stable/c/49ff9b4b9deacbefa6654a0a2bcaf910c9de7e95
  • git.kernel.org https://git.kernel.org/stable/c/6a5820ecfa5a76c3d3e154802c8c15f391ef442e
  • git.kernel.org https://git.kernel.org/stable/c/6fd6d2a8e41b7f544a4d26cbd60bedf9c67893a0
  • git.kernel.org https://git.kernel.org/stable/c/761fcf46a1bd797bd32d23f3ea0141ffd437668a
  • git.kernel.org https://git.kernel.org/stable/c/b3fc3e1f04dcc7c41787bbf08a6e0d2728e022cf
  • git.kernel.org https://git.kernel.org/stable/c/e6b2609af21b5cccc9559339591b8a2cbf884169

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.