CVE-2024-47682 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: scsi: sd: Fix off-by-one error in sd_read_block_characteristics() Ff the device returns page 0xb1 with length 8 (happens with qemu v2.x, for example), sd_read_block_characteristics() may attempt an out-of-bounds memory access when accessing the zoned field at offset 8.

Reserved 2024-09-30 | Published 2024-10-21 | Updated 2024-12-19 | Assigner Linux

Product status

Default status

unaffected

7fb019c46eeea4e3cc3ddfd3e01a24e610f34fac before 60312ae7392f9c75c6591a52fc359cf7f810d48f

affected

7fb019c46eeea4e3cc3ddfd3e01a24e610f34fac before 568c7c4c77eee6df7677bb861b7cee7398a3255d

affected

7fb019c46eeea4e3cc3ddfd3e01a24e610f34fac before a776050373893e4c847a49abeae2ccb581153df0

affected

7fb019c46eeea4e3cc3ddfd3e01a24e610f34fac before 413df704f149dec585df07466d2401bbd1f490a0

affected

7fb019c46eeea4e3cc3ddfd3e01a24e610f34fac before f81eaf08385ddd474a2f41595a7757502870c0eb

affected

Default status

affected

5.19

affected

Any version before 5.19

unaffected

6.1.113

unaffected

6.6.54

unaffected

6.10.13

unaffected

6.11.2

unaffected

6.12

unaffected

References

git.kernel.org/...c/60312ae7392f9c75c6591a52fc359cf7f810d48f

git.kernel.org/...c/568c7c4c77eee6df7677bb861b7cee7398a3255d

git.kernel.org/...c/a776050373893e4c847a49abeae2ccb581153df0

git.kernel.org/...c/413df704f149dec585df07466d2401bbd1f490a0

git.kernel.org/...c/f81eaf08385ddd474a2f41595a7757502870c0eb

cve.org (CVE-2024-47682)

nvd.nist.gov (CVE-2024-47682)

Download JSON