4 matches found
kernel: scsi: qla2xxx: Fix off by one in qla_edif_app_getstats()
A vulnerability was found in the Linux kernel's qla2xxx SCSI driver, specifically in the qlaedifappgetstats function, where an off-by-one error in array access could lead to memory corruption. This issue affects the appreply-elem array, where an incorrect comparison allowed out-of-bounds access...
Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: nftables: nftsetrbtree skip end interval element from gc CVE-2024-26581 kernel: netfilter: nftlimit: reject configurations that cause integer overflow CVE-2024-26668 kernel: vfio/pci: Loc...
SUSE CVE-2024-36025
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix off by one in qlaedifappgetstats The appreply-elem array is allocated earlier in this function and it has appreq.numports elements. Thus this comparison needs to be = to prevent memory corruption...
DEBIAN-CVE-2024-36025
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix off by one in qlaedifappgetstats The appreply-elem array is allocated earlier in this function and it has appreq.numports elements. Thus this comparison needs to be = to prevent memory corruption...