CVE-2026-31747

*** Pendiente de traducción *** In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> comedi: me4000: Fix potential overrun of firmware buffer<br /> <br /> `me4000_xilinx_download()` loads the firmware that was requested by<br /> `request_firmware()`. It is possible for it to overrun the source<br /> buffer because it blindly trusts the file format. It reads a data<br /> stream length from the first 4 bytes into variable `file_length` and<br /> reads the data stream contents of length `file_length` from offset 16<br /> onwards.<br /> <br /> Add a test to ensure that the supplied firmware is long enough to<br /> contain the header and the data stream. On failure, log an error and<br /> return `-EINVAL`.<br /> <br /> Note: The firmware loading was totally broken before commit ac584af59945<br /> ("staging: comedi: me4000: fix firmware downloading"), but that is the<br /> most sensible target for this fix.