CVE-2025-71197

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
04/02/2026
Last modified:
04/02/2026

Description

In the Linux kernel, the following vulnerability has been resolved:

w1: therm: Fix off-by-one buffer overflow in alarms_store

The sysfs buffer passed to alarms_store() is allocated with 'size + 1' bytes and a NUL terminator is appended. However, the 'size' argument does not account for this extra byte. The original code then allocated 'size' bytes and used strcpy() to copy 'buf', which always writes one byte past the allocated buffer since strcpy() copies until the NUL terminator at index 'size'.

Fix this by parsing the 'buf' parameter directly using simple_strtoll() without allocating any intermediate memory or string copying. This removes the overflow while simplifying the code.
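The size accounting described above, as an added user-space example that is not the kernel's code: it measures how far strcpy() would write past a 'size'-byte allocation without performing the copy, then parses the buffer in place. The helper names, the "low high" input format and the use of strtoll() in place of the kernel's simple_strtoll() are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical model of the store contract: 'size' payload bytes are
 * delivered in a buffer of size + 1 bytes ending in a NUL terminator. */
static char *make_sysfs_buf(const char *payload, size_t size)
{
    char *buf = malloc(size + 1);
    if (!buf)
        return NULL;
    memcpy(buf, payload, size);
    buf[size] = '\0';               /* the extra byte 'size' does not count */
    return buf;
}

/* Pre-fix pattern: allocate 'size' bytes, then strcpy(copy, buf).
 * Returns how many bytes that strcpy() would write past the allocation.
 * The copy itself is deliberately not performed here. */
static size_t overflow_bytes_old_pattern(const char *buf, size_t size)
{
    size_t written = strlen(buf) + 1;   /* strcpy() also copies the NUL */
    return written > size ? written - size : 0;
}

/* Post-fix pattern: parse 'buf' directly, with no intermediate allocation
 * or string copy. Returns 0 on success, -1 if a number is missing. */
static int parse_two_values(const char *buf, long long *a, long long *b)
{
    char *end;
    *a = strtoll(buf, &end, 10);
    if (end == buf)
        return -1;
    const char *second = end;
    *b = strtoll(second, &end, 10);
    return end == second ? -1 : 0;
}

int main(void)
{
    const char payload[] = "10 30\n";   /* constructed sample input */
    size_t size = strlen(payload);
    char *buf = make_sysfs_buf(payload, size);
    long long lo, hi;
    if (!buf)
        return 1;
    printf("old pattern: %zu byte(s) past a %zu-byte allocation\n",
           overflow_bytes_old_pattern(buf, size), size);
    if (parse_two_values(buf, &lo, &hi) == 0)
        printf("in-place parse: %lld %lld\n", lo, hi);
    free(buf);
    return 0;
}
```
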

Impact