PT-2024-9059 · Linux+5 · Linux Kernel+5

Bui Quang Minh

·

Published

2024-05-06

·

Updated

2025-02-03

·

CVE-2024-38560

CVSS v3.1

7.1

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)
Description: The issue is related to a buffer overflow vulnerability in the Linux kernel's scsi: bfa component. It occurs when a nbytes-sized kernel buffer is allocated and nbytes are copied from userspace to that buffer. Later, sscanf is used on this buffer without ensuring the string is terminated inside the buffer, leading to an out-of-bounds (OOB) read when using sscanf. This can be fixed by using memdup user nul instead of memdup user.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

BDU:2024-10741
CVE-2024-38560
DLA-3840-1
DSA-5730-1
MGASA-2024-0263
MGASA-2024-0266
OESA-2024-1793
OESA-2024-2076
OESA-2024-2216
OESA-2024-2218
OESA-2024-2258
OPENSUSE-SU-2024_2362-1
OPENSUSE-SU-2024_2372-1
OPENSUSE-SU-2024_2394-1
SUSE-SU-2024:2362-1
SUSE-SU-2024:2365-1
SUSE-SU-2024:2372-1
SUSE-SU-2024:2384-1
SUSE-SU-2024:2385-1
SUSE-SU-2024:2394-1
SUSE-SU-2024:2495-1
SUSE-SU-2024:2571-1
SUSE-SU-2024:2892-1
SUSE-SU-2024:2896-1
SUSE-SU-2024:2901-1
SUSE-SU-2024:2939-1
SUSE-SU-2024:2940-1
SUSE-SU-2025:20008-1
SUSE-SU-2025:20028-1
USN-6949-1
USN-6949-2
USN-6951-1
USN-6951-2
USN-6951-3
USN-6951-4
USN-6952-1
USN-6952-2
USN-6953-1
USN-6955-1
USN-6979-1
USN-7007-1
USN-7007-2
USN-7007-3
USN-7009-1
USN-7009-2
USN-7019-1
USN-7121-1
USN-7121-2
USN-7121-3
USN-7148-1

Affected Products

Astra Linux
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu