CVE-2024-43839

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> bna: adjust &amp;#39;name&amp;#39; buf size of bna_tcb and bna_ccb structures<br /> <br /> To have enough space to write all possible sprintf() args. Currently<br /> &amp;#39;name&amp;#39; size is 16, but the first &amp;#39;%s&amp;#39; specifier may already need at<br /> least 16 characters, since &amp;#39;bnad-&gt;netdev-&gt;name&amp;#39; is used there.<br /> <br /> For &amp;#39;%d&amp;#39; specifiers, assume that they require:<br /> * 1 char for &amp;#39;tx_id + tx_info-&gt;tcb[i]-&gt;id&amp;#39; sum, BNAD_MAX_TXQ_PER_TX is 8<br /> * 2 chars for &amp;#39;rx_id + rx_info-&gt;rx_ctrl[i].ccb-&gt;id&amp;#39;, BNAD_MAX_RXP_PER_RX<br /> is 16<br /> <br /> And replace sprintf with snprintf.<br /> <br /> Detected using the static analysis tool - Svace.