diff --git a/devicemodel/core/hugetlb.c b/devicemodel/core/hugetlb.c
index d39812b7b..073ade5c5 100644
--- a/devicemodel/core/hugetlb.c
+++ b/devicemodel/core/hugetlb.c
@@ -149,8 +149,9 @@ static int open_hugetlbfs(struct vmctx *ctx, int level)
 	}
 
 	uuid_copy(UUID, ctx->vm_uuid);
-	sprintf(uuid_str, "%02X%02X%02X%02X%02X%02X%02X%02X"
-		"%02X%02X%02X%02X%02X%02X%02X%02X\n",
+	snprintf(uuid_str, sizeof(uuid_str),
+		"%02X%02X%02X%02X%02X%02X%02X%02X"
+		"%02X%02X%02X%02X%02X%02X%02X%02X",
 		UUID[0], UUID[1], UUID[2], UUID[3],
 		UUID[4], UUID[5], UUID[6], UUID[7],
 		UUID[8], UUID[9], UUID[10], UUID[11],
diff --git a/devicemodel/core/smbiostbl.c b/devicemodel/core/smbiostbl.c
index 4020c1529..9b7e941ee 100644
--- a/devicemodel/core/smbiostbl.c
+++ b/devicemodel/core/smbiostbl.c
@@ -636,7 +636,7 @@ smbios_type4_initializer(struct smbios_structure *template_entry,
 			if (*p++ == '\0')
 				nstrings++;
 		}
-		len = sprintf(*endaddr - 1, "CPU #%d", i) + 1;
+		len = snprintf(*endaddr - 1, 16, "CPU #%d", i) + 1;
 		*endaddr += len - 1;
 		*(*endaddr) = '\0';
 		(*endaddr)++;