Linux Kernel tracing buffer overflow fix: NULL character validation in trace_probe.c

From this webpage screenshot, we can extract the following key information about the vulnerability: 1. Vulnerability Description: - Title: tracing: Consider the NULL character when validating the event length - Description: The function returns the string length excluding the NULL byte. If the string length equals the maximum buffer size, there is no space left in the buffer for the NULL terminator. This patch checks for this condition and returns failure. 2. Patch Content: - File: - Modification Location: - Modified Code: 3. Patch Purpose: - Fix: Fixes the issue where the NULL character was not considered when validating event name length. � Resolution: Resolved by checking if the string length is greater than or equal to the maximum event name length. 4. Patch Status: - Status: Merged into the master branch. - Author: Leo Yan - Commit Time: 2024-10-07 15:47:24 +0100 - Committer: Greg Kroah-Hartman - Commit Time: 2024-11-01 01:58:28 +0100 5. Patch Link: - Link: https://lore.kernel.org/all/20241007144724.920954-1-leo.yan@arm.com/ 6. Patch Dependencies: - Depends On: This patch fixes ("tracing/probe: Check event name length correctly"). 7. Patch Review: - Reviewers: - Leo Yan - Steven Rostedt (Google) - Masami Hiramatsu (Google) - Sasha Levin This information helps us understand the background, purpose, and impact of the patch, as well as how it addresses the potential vulnerability.

Goal Reached Thanks to every supporter — we hit 100%!

Linux Kernel tracing buffer overflow fix: NULL character validation in trace_probe.c