摘要:
In the Linux kernel, the following vulnerability has been resolved:
scsi: qla2xxx: Fix off by one in qla_edif_app_getstats()
The app_reply->elem[] array is allocated earlier in this function and it
has app_req.num_ports elements. Thus this > comparison needs to be >= to
prevent memory corruption.
安全等级: Low
公告ID: KylinSec-SA-2024-2575
发布日期: 2024年6月4日
关联CVE: CVE-2024-36025
In the Linux kernel, the following vulnerability has been resolved:
scsi: qla2xxx: Fix off by one in qla_edif_app_getstats()
The app_reply->elem[] array is allocated earlier in this function and it
has app_req.num_ports elements. Thus this > comparison needs to be >= to
prevent memory corruption.
| cve名称 | 产品 | 组件 | 是否受影响 |
|---|---|---|---|
| CVE-2024-36025 | KY3.4-5 | kernel | Unaffected |
| CVE-2024-36025 | KY3.5.3 | kernel | Unaffected |
| CVE-2024-36025 | V6 | kernel | Unaffected |
