Linux · Linux Kernel · CVE-2024-42288
**Name of the Vulnerable Software and Affected Versions**
Linux kernel versions prior to 6.6.50
**Description**
The issue is related to a possible memory corruption in the scsi component of the Linux kernel, specifically in the qla2xxx module. The Init Control Block is dereferenced incorrectly, which can be exploited to potentially elevate privileges.
**Recommendations**
For versions prior to 6.6.50, update to version 6.6.50 or later to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable scsi component until a patch is available.