CVE-2024-40901

Updated: 2024-09-13 03:31:46.31897

Description:

In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory There is a potential out-of-bounds access when using test_bit() on a single word. The test_bit() and set_bit() functions operate on long values, and when testing or setting a single word, they can exceed the word boundary. KASAN detects this issue and produces a dump: BUG: KASAN: slab-out-of-bounds in _scsih_add_device.constprop.0 (./arch/x86/include/asm/bitops.h:60 ./include/asm-generic/bitops/instrumented-atomic.h:29 drivers/scsi/mpt3sas/mpt3sas_scsih.c:7331) mpt3sas Write of size 8 at addr ffff8881d26e3c60 by task kworker/u1536:2/2965 For full log, please look at [1]. Make the allocation at least the size of sizeof(unsigned long) so that set_bit() and test_bit() have sufficient room for read/write operations without overwriting unallocated memory. [1] Link: https://lore.kernel.org/all/ZkNcALr3W3KGYYJG@gmail.com/


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x NONE 0
CVSS Version 3.x MEDIUM 5.5

Status

OS name Project name Version Score Severity Status Errata Last updated
AlmaLinux 9.2 ESU kernel 5.14.0 5.5 MEDIUM Ignored 2024-09-25 12:26:26
AlmaLinux 9.2 FIPS kernel 5.14.0 5.5 MEDIUM Ignored 2024-09-25 12:26:26
CentOS 6 ELS kernel 2.6.32 5.5 MEDIUM Ignored 2024-09-25 12:26:26
CentOS 7 ELS kernel 3.10.0 5.5 MEDIUM Ignored 2024-09-25 12:26:25
CentOS 8.4 ELS kernel 4.18.0 5.5 MEDIUM Released CLSA-2024:1727690947 2024-09-30 10:47:42
CentOS 8.5 ELS kernel 4.18.0 5.5 MEDIUM Released CLSA-2024:1727690025 2024-09-30 10:47:43
CentOS Stream 8 ELS kernel 4.18.0 5.5 MEDIUM Released CLSA-2024:1727815919 2024-10-01 17:28:06
CloudLinux 6 ELS kernel 2.6.32 5.5 MEDIUM Ignored 2024-09-25 12:26:26
CloudLinux 7 ELS kernel 3.10.0 5.5 MEDIUM Ignored 2024-09-25 12:26:24
Oracle Linux 6 ELS kernel 2.6.32 5.5 MEDIUM Ignored 2024-09-25 12:26:24
Total: 13