CVE-2024-38560
HIGHLinux Kernel - Out-of-bounds Read in SCSI BFA Driver via Unterminated Buffer
Title source: llmDescription
In the Linux kernel, the following vulnerability has been resolved: scsi: bfa: Ensure the copied buf is NUL terminated Currently, we allocate a nbytes-sized kernel buffer and copy nbytes from userspace to that buffer. Later, we use sscanf on this buffer but we don't ensure that the string is terminated inside the buffer, this can lead to OOB read when using sscanf. Fix this issue by using memdup_user_nul instead of memdup_user.
References (11)
Core 11
Core References
Vendor Advisory
https://cert-portal.siemens.com/productcert/html/ssa-265688.html
Scores
CVSS v3
7.1
EPSS
0.0027
EPSS Percentile
17.8%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-125
Status
published
Products (29)
linux/Kernel
3.19.0 - 4.19.316linux
linux/Kernel
4.20.0 - 5.4.278linux
linux/Kernel
5.11.0 - 5.15.161linux
linux/Kernel
5.16.0 - 6.1.93linux
linux/Kernel
5.5.0 - 5.10.219linux
linux/Kernel
6.2.0 - 6.6.33linux
linux/Kernel
6.7.0 - 6.8.12linux
linux/Kernel
6.9.0 - 6.9.3linux
Linux/Linux
< 3.19
Linux/Linux
3.19
... and 19 more
Published
Jun 19, 2024
Tracked Since
Feb 18, 2026