CVE-2024-47682

HIGH EPSS 13.8%
Published Oct 21, 2024 (1y ago) · Modified Jun 17, 2026 (2w ago)
7.8 CVSS 3.1
High

Description

In the Linux kernel, the following vulnerability has been resolved:

scsi: sd: Fix off-by-one error in sd_read_block_characteristics()

If the device returns page 0xb1 with length 8 (happens with qemu v2.x, for example), sd_read_block_characteristics() may attempt an out-of-bounds memory access when accessing the zoned field at offset 8.

CVSS Details

Base Score: 7.8
Exploitability: 1.8
Impact: 5.9
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Threat Intelligence

EPSS Exploit Probability: 13.8% percentile
Exploit & Patch Status: No Known Exploit; Patch Available

Weaknesses 1

CWE-193

Affected Products 4

Vendor  Product       Version  Range
linux   linux_kernel  *        ≥5.19 – <6.1.113
linux   linux_kernel  *        ≥6.2 – <6.6.54
linux   linux_kernel  *        ≥6.7 – <6.10.13
linux   linux_kernel  *        ≥6.11 – <6.11.2

References 6

  • git.kernel.org https://git.kernel.org/stable/c/413df704f149dec585df07466d2401bbd1f490a0
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/568c7c4c77eee6df7677bb861b7cee7398a3255d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/60312ae7392f9c75c6591a52fc359cf7f810d48f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a776050373893e4c847a49abeae2ccb581153df0
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f81eaf08385ddd474a2f41595a7757502870c0eb
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/413df704f149dec585df07466d2401bbd1f490a0
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/568c7c4c77eee6df7677bb861b7cee7398a3255d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/60312ae7392f9c75c6591a52fc359cf7f810d48f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a776050373893e4c847a49abeae2ccb581153df0
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f81eaf08385ddd474a2f41595a7757502870c0eb
    Patch