Azure Linux 3.0 Security Update: kernel (CVE-2024-47682)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-47682 advisory. - In the Linux kernel, the following vulnerability has been resolved: scsi: sd: Fix off-by-one error in...

The vulnerability of the sd_read_block_characteristics() function in the Linux operating system’s SCSI kernel driver allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the sdreadblockcharacteristics function in the drivers/scsi/sd.c file of the Linux SCSI kernel driver is related to incorrect calculation of the buffer boundary. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...

CVE-2024-47682

In the Linux kernel, the following vulnerability has been resolved: scsi: sd: Fix off-by-one error in sdreadblockcharacteristics Ff the device returns page 0xb1 with length 8 happens with qemu v2.x, for example, sdreadblockcharacteristics may attempt an out-of-bounds memory access when accessing...

CVE-2024-47682

In the Linux kernel, the following vulnerability has been resolved: scsi: sd: Fix off-by-one error in sdreadblockcharacteristics Ff the device returns page 0xb1 with length 8 happens with qemu v2.x, for example, sdreadblockcharacteristics may attempt an out-of-bounds memory access when accessing...

CVE-2024-47682

In the Linux kernel, the following vulnerability has been resolved: scsi: sd: Fix off-by-one error in sdreadblockcharacteristics Ff the device returns page 0xb1 with length 8 happens with qemu v2.x, for example, sdreadblockcharacteristics may attempt an out-of-bounds memory access when accessing...

CVE-2024-47682

CVE-2024-47682 – Linux kernel scsi sd off-by-one fix (detailed in connected docs): The vulnerability arises in sd_read_block_characteristics() when a device returns page 0xb1 with length 8, potentially allowing an out-of-bounds memory access at offset 8 of the zoned field. The issue has been reso...

CVE-2024-47682 scsi: sd: Fix off-by-one error in sd_read_block_characteristics()

In the Linux kernel, the following vulnerability has been resolved: scsi: sd: Fix off-by-one error in sdreadblockcharacteristics Ff the device returns page 0xb1 with length 8 happens with qemu v2.x, for example, sdreadblockcharacteristics may attempt an out-of-bounds memory access when accessing...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an off-by-one error in the sdreadblockcharacteristics function, which could lead to out-of-bounds memory...