Name of the Vulnerable Software and Affected Versions Astra Linux (affected versions not specified)

Description The issue is related to a memory deallocation error in the dc395x interrupt handler of the Astra Linux kernel, specifically in the find dcb function called from the dc395x interrupt handler. This function accesses the children[id][lun] array, where the id index is read from the device and checked against the condition id<=255, which allows for an out-of-bounds access. Exploitation of this issue may allow an attacker to cause a denial of service (memory leak) by repeatedly connecting a Tekram DC395 device, which is represented as a PCI device and returns an incorrect value when reading the id identifier from the TRM S1040 SCSI TARGETID register using the DC395x read16 function.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.