CVE-2024-42288

MEDIUM EPSS 14.4%
Published Aug 17, 20241y ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Aug 17, 2024 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix for possible memory corruption Init Control Block is dereferenced incorrectly. Correctly dereference ICB

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
14.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-787 Out-of-bounds Write Memory Safety

Affected Products 6

VendorProductVersionRange
linuxlinux_kernel* <5.4.282
linuxlinux_kernel*≥5.5  –  <5.10.224
linuxlinux_kernel*≥5.11  –  <5.15.165
linuxlinux_kernel*≥5.16  –  <6.1.103
linuxlinux_kernel*≥6.2  –  <6.6.44
linuxlinux_kernel*≥6.7  –  <6.10.3

References 9

  • git.kernel.org https://git.kernel.org/stable/c/2a15b59a2c5afac89696e44acf5bbfc0599c6c5e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/571d7f2a08836698c2fb0d792236424575b9829b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8192c533e89d9fb69b2490398939236b78cda79b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/87db8d7b7520e99de71791260989f06f9c94953d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b0302ffc74123b6a99d7d1896fcd9b2e4072d9ce
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c03d740152f78e86945a75b2ad541bf972fab92a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/dae67169cb35a37ecccf60cfcd6bf93a1f4f5efb
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/2a15b59a2c5afac89696e44acf5bbfc0599c6c5e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/571d7f2a08836698c2fb0d792236424575b9829b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8192c533e89d9fb69b2490398939236b78cda79b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/87db8d7b7520e99de71791260989f06f9c94953d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b0302ffc74123b6a99d7d1896fcd9b2e4072d9ce
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c03d740152f78e86945a75b2ad541bf972fab92a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/dae67169cb35a37ecccf60cfcd6bf93a1f4f5efb
    Patch