THREATINT
PUBLISHED

CVE-2024-47682

scsi: sd: Fix off-by-one error in sd_read_block_characteristics()



Assigner: Linux
Reserved: 2024-09-30
Published: 2024-10-21
Updated: 2024-10-21

Description

In the Linux kernel, the following vulnerability has been resolved:

scsi: sd: Fix off-by-one error in sd_read_block_characteristics()

If the device returns page 0xb1 with length 8 (happens with qemu v2.x, for example), sd_read_block_characteristics() may attempt an out-of-bounds memory access when accessing the zoned field at offset 8.

Product status

Default status: unaffected

7fb019c46eee before 60312ae7392f: affected
7fb019c46eee before 568c7c4c77ee: affected
7fb019c46eee before a77605037389: affected
7fb019c46eee before 413df704f149: affected
7fb019c46eee before f81eaf08385d: affected

Default status: affected

5.19: affected
Any version before 5.19: unaffected
6.1.113: unaffected
6.6.54: unaffected
6.10.13: unaffected
6.11.2: unaffected
6.12-rc1: unaffected

References

https://git.kernel.org/stable/c/60312ae7392f9c75c6591a52fc359cf7f810d48f

https://git.kernel.org/stable/c/568c7c4c77eee6df7677bb861b7cee7398a3255d

https://git.kernel.org/stable/c/a776050373893e4c847a49abeae2ccb581153df0

https://git.kernel.org/stable/c/413df704f149dec585df07466d2401bbd1f490a0

https://git.kernel.org/stable/c/f81eaf08385ddd474a2f41595a7757502870c0eb

cve.org CVE-2024-47682

nvd.nist.gov CVE-2024-47682
