Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2024-47682
PUBLISHED
More InfoOfficial Page
Assigner-Linux
Assigner Org ID-416baaa9-dc9f-4396-8d5f-8c081fb06d67
View Known Exploited Vulnerability (KEV) details
Published At-21 Oct, 2024 | 11:53
Updated At-04 May, 2025 | 09:37
Rejected At-
▼CVE Numbering Authority (CNA)
scsi: sd: Fix off-by-one error in sd_read_block_characteristics()

In the Linux kernel, the following vulnerability has been resolved: scsi: sd: Fix off-by-one error in sd_read_block_characteristics() Ff the device returns page 0xb1 with length 8 (happens with qemu v2.x, for example), sd_read_block_characteristics() may attempt an out-of-bounds memory access when accessing the zoned field at offset 8.

Affected Products
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • drivers/scsi/sd.c
Default Status
unaffected
Versions
Affected
  • From 7fb019c46eeea4e3cc3ddfd3e01a24e610f34fac before 60312ae7392f9c75c6591a52fc359cf7f810d48f (git)
  • From 7fb019c46eeea4e3cc3ddfd3e01a24e610f34fac before 568c7c4c77eee6df7677bb861b7cee7398a3255d (git)
  • From 7fb019c46eeea4e3cc3ddfd3e01a24e610f34fac before a776050373893e4c847a49abeae2ccb581153df0 (git)
  • From 7fb019c46eeea4e3cc3ddfd3e01a24e610f34fac before 413df704f149dec585df07466d2401bbd1f490a0 (git)
  • From 7fb019c46eeea4e3cc3ddfd3e01a24e610f34fac before f81eaf08385ddd474a2f41595a7757502870c0eb (git)
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • drivers/scsi/sd.c
Default Status
affected
Versions
Affected
  • 5.19
Unaffected
  • From 0 before 5.19 (semver)
  • From 6.1.113 through 6.1.* (semver)
  • From 6.6.54 through 6.6.* (semver)
  • From 6.10.13 through 6.10.* (semver)
  • From 6.11.2 through 6.11.* (semver)
  • From 6.12 through * (original_commit_for_fix)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://git.kernel.org/stable/c/60312ae7392f9c75c6591a52fc359cf7f810d48f
N/A
https://git.kernel.org/stable/c/568c7c4c77eee6df7677bb861b7cee7398a3255d
N/A
https://git.kernel.org/stable/c/a776050373893e4c847a49abeae2ccb581153df0
N/A
https://git.kernel.org/stable/c/413df704f149dec585df07466d2401bbd1f490a0
N/A
https://git.kernel.org/stable/c/f81eaf08385ddd474a2f41595a7757502870c0eb
N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Details not found