发布时间: 2024年6月4日
修改时间: 2024年7月2日
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix off by one in qla_edif_app_getstats() The app_reply->elem[] array is allocated earlier in this function and it has app_req.num_ports elements. Thus this > comparison needs to be >= to prevent memory corruption.
| NVD | openEuler | |
|---|---|---|
| Confidentiality | ||
| Attack Vector | ||
| CVSS评分 | N/A | N/A |
| Attack Complexity | ||
| Privileges Required | ||
| Scope | ||
| Integrity | ||
| User Interaction | ||
| Availability |
| 公告名 | 概要 | 发布时间 |
|---|---|---|
| KylinSec-SA-2024-2575 | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix off by one in qla_edif_app_getstats() The app_reply->elem[] array is allocated earlier in this function and it has app_req.num_ports elements. Thus this > comparison needs to be >= to prevent memory corruption. | 2024年6月4日 |
| 产品 | 包 | 状态 |
|---|---|---|
| KY3.4-5 | kernel | Unaffected |
| KY3.5.2 | kernel | Unaffected |
| KY3.5.3 | kernel | Unaffected |
| V6 | kernel | Unaffected |
