CVE-2024-36025 | Linux Kernel up to 5.15.155/6.1.86/6.6.27/6.8.6 scsi qla_edif_app_getstats elem[] off-by-one

Inserito da Angelo Barbosa | Mag 30, 2024 | CVE

A vulnerability, which was classified as critical, was found in Linux Kernel up to 5.15.155/6.1.86/6.6.27/6.8.6. Affected is the function qla_edif_app_getstats of the component scsi. The manipulation of the argument elem[] leads to off-by-one.

This vulnerability is traded as CVE-2024-36025. The attack can only be done within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-36025 | Linux Kernel up to 5.15.155/6.1.86/6.6.27/6.8.6 scsi qla_edif_app_getstats elem[] off-by-one

Post correlati

CVE-2024-6169 | Unlimited Elements For Elementor Plugin up to 1.5.112 on WordPress username cross site scripting

CVE-2024-8149 | Esri Portal for ArcGIS up to 11.1/11.2 Link cross site scripting

CVE-2023-38944 | Multilaser RE160V/RE163V 12.03.01.09_pt/12.03.01.10_pt Web Management Interface RouterCfm.cfg access control

CVE-2023-3517 | Hitachi Vantara Pentaho Data Integration & Analytics prior 9.3.0.5/9.5.0.1 JNDI Identifier resource injection