CVE-2003-0465

NameCVE-2003-0465
DescriptionThe kernel strncpy function in Linux 2.4 and 2.5 does not %NUL pad the buffer on architectures other than x86, as opposed to the expected behavior of strncpy as implemented in libc, which could lead to information leaks.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
kernel-source-2.4.27source(unstable)2.4.27-8
linux-2.6source(unstable)(not affected)

Notes

- linux-2.6 <not-affected> (Generic C version fixed in 2.6.x)
generic .c version fixed in 2.6.x but not in 2.4.x
arch specific asm versions:
x86 is not affected
ppc32 fixed in 2.4.22-rc4
not an issue on alpha, see bug #280492
above fixes s390x, ppc64 and s390 and generic C version

Search for package or bug name: Reporting problems