In the Linux kernel, the following vulnerability has been resolved:
kunit/overflow: Fix UB in overflow_allocation_test
The 'device_name' array doesn't exist out of the 'overflow_allocation_test' function scope. However, it is being used as a driver name when calling 'kunit_driver_create' from 'kunit_device_register'. It produces the kernel panic with KASAN enabled.
Since this variable is used in one place only, remove it and pass the device name into kunit_device_register directly as an ascii string.
Exploitability
AV:LAC:LPR:LUI:NScope
S:UImpact
C:NI:NA:H5.5/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H