{"id":"CVE-2024-43839","summary":"bna: adjust 'name' buf size of bna_tcb and bna_ccb structures","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nbna: adjust 'name' buf size of bna_tcb and bna_ccb structures\n\nTo have enough space to write all possible sprintf() args. Currently\n'name' size is 16, but the first '%s' specifier may already need at\nleast 16 characters, since 'bnad-\u003enetdev-\u003ename' is used there.\n\nFor '%d' specifiers, assume that they require:\n * 1 char for 'tx_id + tx_info-\u003etcb[i]-\u003eid' sum, BNAD_MAX_TXQ_PER_TX is 8\n * 2 chars for 'rx_id + rx_info-\u003erx_ctrl[i].ccb-\u003eid', BNAD_MAX_RXP_PER_RX\n   is 16\n\nAnd replace sprintf with snprintf.\n\nDetected using the static analysis tool - Svace.","modified":"2026-04-16T04:38:58.811275959Z","published":"2024-08-17T09:21:55.085Z","related":["SUSE-SU-2024:3189-1","SUSE-SU-2024:3190-1","SUSE-SU-2024:3194-1","SUSE-SU-2024:3195-1","SUSE-SU-2024:3209-1","SUSE-SU-2024:3251-1","SUSE-SU-2024:3252-1","SUSE-SU-2024:3383-1","SUSE-SU-2024:3483-1","SUSE-SU-2025:20044-1","SUSE-SU-2025:20047-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/43xxx/CVE-2024-43839.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/6ce46045f9b90d952602e2c0b8886cfadf860bf1"},{"type":"WEB","url":"https://git.kernel.org/stable/c/6d20c4044ab4d0e6a99aa35853e66f0aed5589e3"},{"type":"WEB","url":"https://git.kernel.org/stable/c/ab748dd10d8742561f2980fea08ffb4f0cacfdef"},{"type":"WEB","url":"https://git.kernel.org/stable/c/b0ff0cd0847b03c0a0abe20cfa900eabcfcb9e43"},{"type":"WEB","url":"https://git.kernel.org/stable/c/c90b1cd7758fd4839909e838ae195d19f8065d76"},{"type":"WEB","url":"https://git.kernel.org/stable/c/c9741a03dc8e491e57b95fba0058ab46b7e506da"},{"type":"WEB","url":"https://git.kernel.org/stable/c/e0f48f51d55fb187400e9787192eda09fa200ff5"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f121740f69eda4da2de9a20a6687a13593e72540"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/43xxx/CVE-2024-43839.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-43839"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"8b230ed8ec96c933047dd0625cf95f739e4939a6"},{"fixed":"f121740f69eda4da2de9a20a6687a13593e72540"},{"fixed":"c90b1cd7758fd4839909e838ae195d19f8065d76"},{"fixed":"6ce46045f9b90d952602e2c0b8886cfadf860bf1"},{"fixed":"6d20c4044ab4d0e6a99aa35853e66f0aed5589e3"},{"fixed":"ab748dd10d8742561f2980fea08ffb4f0cacfdef"},{"fixed":"b0ff0cd0847b03c0a0abe20cfa900eabcfcb9e43"},{"fixed":"e0f48f51d55fb187400e9787192eda09fa200ff5"},{"fixed":"c9741a03dc8e491e57b95fba0058ab46b7e506da"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-43839.json"}}],"schema_version":"1.7.5"}