Lucene search
LinuxCVE-2024-42159HistoryJul 30, 2024 - 8:15 a.m.
CVE-2024-42159
2024-07-3008:15:07
CWE-754
Linux
web.nvd.nist.gov
38
linux kernel
scsi mpi3mr
vulnerability
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
6.3
Confidence
Low
EPSS
0
Percentile
5.0%
In the Linux kernel, the following vulnerability has been resolved:
scsi: mpi3mr: Sanitise num_phys
Information is stored in mr_sas_port->phy_mask, values larger then size of
this field shouldn’t be allowed.
Affected configurations
Node
linuxlinux_kernelRange<6.1.98
ORlinuxlinux_kernelRange6.2–6.6.39
ORlinuxlinux_kernelRange6.7–6.9.9
| Vendor | Product | Version | CPE |
|---|---|---|---|
| linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "unaffected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"drivers/scsi/mpi3mr/mpi3mr_transport.c"
],
"versions": [
{
"version": "1da177e4c3f4",
"lessThan": "b869ec89d2ee",
"status": "affected",
"versionType": "git"
},
{
"version": "1da177e4c3f4",
"lessThan": "586b41060113",
"status": "affected",
"versionType": "git"
},
{
"version": "1da177e4c3f4",
"lessThan": "c8707901b53a",
"status": "affected",
"versionType": "git"
},
{
"version": "1da177e4c3f4",
"lessThan": "3668651def2c",
"status": "affected",
"versionType": "git"
}
]
},
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "affected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"drivers/scsi/mpi3mr/mpi3mr_transport.c"
],
"versions": [
{
"version": "6.1.98",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.39",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9.9",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
]
}
]Related
vulnrichment
vulnrichment
CVE-2024-42159 scsi: mpi3mr: Sanitise num_phys
2024-07-30 07:47:01
cbl_mariner
cbl_mariner
CVE-2024-42159 affecting package kernel for versions less than 6.6.43.1-7
2024-08-14 20:43:58
nvd
nvd
CVE-2024-42159
2024-07-30 08:15:07
ubuntucve
ubuntucve
CVE-2024-42159
2024-07-30 00:00:00
osv
osv
debiancve
debiancve
CVE-2024-42159
2024-07-30 08:15:07
cvelist
cvelist
CVE-2024-42159 scsi: mpi3mr: Sanitise num_phys
2024-07-30 07:47:01
redhatcve
redhatcve
CVE-2024-42159
2024-08-01 12:09:23
nessus
nessus
Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel vulnerabilities (USN-7020-1)
2024-09-18 00:00:00
Amazon Linux 2 : kernel (ALASKERNEL-5.10-2024-069)
2024-09-09 00:00:00
Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2024-709)
2024-09-09 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-7020-1)
2024-09-19 00:00:00
Mageia: Security Advisory (MGASA-2024-0278)
2024-08-07 00:00:00
Mageia: Security Advisory (MGASA-2024-0277)
2024-08-07 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2024-5.0-0345
2024-08-09 00:00:00
mageia
mageia
Updated kernel, kmod-xtables-addons & kmod-virtualbox packages fix security vulnerabilities
2024-08-07 08:49:38
Updated kernel-linus packages fix security vulnerabilities
2024-08-07 08:49:38
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
6.3
Confidence
Low
EPSS
0
Percentile
5.0%
Related for CVE-2024-42159