CVE-2024-38560

Updated: 2025-01-14

CWE: CWE-125

Description:

In the Linux kernel, the following vulnerability has been resolved: scsi: bfa: Ensure the copied buf is NUL terminated Currently, we allocate a nbytes-sized kernel buffer and copy nbytes from userspace to that buffer. Later, we use sscanf on this buffer but we don't ensure that the string is terminated inside the buffer, this can lead to OOB read when using sscanf. Fix this issue by using memdup_user_nul instead of memdup_user.

CVSS3: 7.1


Vendor State

OS Vendor version Errata
Oracle Linux 6 UEK 4 4.1.12-124.92.3.el6uek ELSA-2024-12851
Oracle Linux 7 UEK 4 4.1.12-124.92.3.el7uek ELSA-2024-12851
Ubuntu 14.04 HWE ESM 4.4.0-261.295~14.04.1 USN-7148-1
Oracle Linux 7 UEK 5 4.14.35-2047.540.4.1.el7uek ELSA-2024-12611
Ubuntu 20.04 5.4.0-192.212 USN-6951-1
Oracle Linux 7 UEK 6 5.4.17-2136.334.6.el7uek ELSA-2024-12581
Oracle Linux 8 UEK 6 5.4.17-2136.334.6.el8uek ELSA-2024-12581
Ubuntu 20.04 AWS 5.4.0-1130.140 USN-6951-1
Ubuntu 16.04 ESM 4.4.0-261.295 USN-7148-1
Ubuntu 16.04 HWE ESM 4.15.0-231.243~16.04.1 USN-7121-1
Ubuntu 16.04 AWS ESM 4.4.0-1176.191 USN-7148-1
Ubuntu 16.04 GCP ESM 4.15.0-1168.185~16.04.1 USN-7121-1
Ubuntu 16.04 AWS HWE ESM 4.15.0-1175.188~16.04.1 USN-7121-1
Ubuntu 16.04 Azure ESM 4.15.0-1183.198~16.04.1 USN-7121-1
Debian 11 5.10.221-1 DSA-5730-1
Ubuntu 22.04 5.15.0-121.131 USN-7007-1
Ubuntu 22.04 AWS 5.15.0-1069.75 USN-7007-1
Ubuntu 22.04 Azure 5.15.0-1072.81 USN-7009-1
Debian 11 cloud 5.10.221-1 DSA-5730-1
Ubuntu 20.04 HWE AWS 5.15.0-1069.75~20.04.1 USN-7007-1
Ubuntu 20.04 HWE Azure 5.15.0-1072.81~20.04.1 USN-7009-1
Ubuntu 20.04 GCP 5.4.0-1134.143 USN-6951-1
Ubuntu 24.04 6.8.0-40.40 USN-6949-1

KernelCare State

OS Original kernel version State
Ubuntu 18.04
Planned
Ubuntu 18.04 AWS
Planned
Oracle Linux 6 UEK 4
Planned
Oracle Linux 7 UEK 4
Planned
Ubuntu 14.04 HWE ESM
Planned
Oracle Linux 7 UEK 5
Planned
Ubuntu 20.04
In Progress
Oracle Linux 7 UEK 6
5.4.17-2011.2.2.el7uek show all hide all
5.4.17-2011.1.2.el7uek 5.4.17-2011.3.2.1.el7uek 5.4.17-2011.0.7.el7uek 5.4.17-2011.4.4.el7uek 5.4.17-2011.4.6.el7uek 5.4.17-2011.5.3.el7uek 5.4.17-2011.6.2.el7uek 5.4.17-2011.7.4.el7uek 5.4.17-2036.100.6.1.el7uek 5.4.17-2036.101.2.el7uek 5.4.17-2036.102.0.2.el7uek 5.4.17-2036.103.3.el7uek 5.4.17-2036.103.3.1.el7uek 5.4.17-2036.104.4.el7uek 5.4.17-2036.104.5.el7uek 5.4.17-2102.200.13.el7uek 5.4.17-2102.201.3.el7uek 5.4.17-2102.202.5.el7uek 5.4.17-2102.203.5.el7uek 5.4.17-2102.203.6.el7uek 5.4.17-2102.204.4.2.el7uek 5.4.17-2102.204.4.3.el7uek 5.4.17-2102.204.4.4.el7uek 5.4.17-2102.205.7.2.el7uek 5.4.17-2102.205.7.3.el7uek 5.4.17-2102.206.1.el7uek 5.4.17-2136.300.7.el7uek 5.4.17-2136.301.1.2.el7uek 5.4.17-2136.301.1.4.el7uek 5.4.17-2136.302.6.1.el7uek 5.4.17-2136.302.7.2.el7uek 5.4.17-2136.302.7.2.1.el7uek 5.4.17-2136.301.1.3.el7uek 5.4.17-2136.302.7.2.2.el7uek 5.4.17-2136.302.7.2.3.el7uek 5.4.17-2136.304.4.1.el7uek 5.4.17-2136.304.4.2.el7uek 5.4.17-2136.304.4.3.el7uek 5.4.17-2136.304.4.4.el7uek 5.4.17-2136.304.4.5.el7uek 5.4.17-2136.305.5.3.el7uek 5.4.17-2136.305.5.4.el7uek 5.4.17-2136.305.5.5.el7uek 5.4.17-2136.306.1.3.el7uek 5.4.17-2136.307.3.1.el7uek 5.4.17-2136.307.3.2.el7uek 5.4.17-2136.307.3.4.el7uek 5.4.17-2136.307.3.5.el7uek 5.4.17-2136.308.7.el7uek 5.4.17-2136.307.3.6.el7uek 5.4.17-2136.308.9.el7uek 5.4.17-2136.309.5.el7uek 5.4.17-2136.309.5.1.el7uek 5.4.17-2136.310.7.el7uek 5.4.17-2136.310.7.1.el7uek 5.4.17-2136.309.4.el7uek 5.4.17-2136.311.6.el7uek 5.4.17-2136.311.6.1.el7uek 5.4.17-2136.312.3.4.el7uek 5.4.17-2136.313.6.el7uek 5.4.17-2136.314.6.2.el7uek 5.4.17-2136.314.6.3.el7uek 5.4.17-2136.315.5.el7uek 5.4.17-2136.316.7.el7uek 5.4.17-2136.315.5.8.el7uek 5.4.17-2136.317.5.3.el7uek 5.4.17-2136.317.5.5.el7uek 5.4.17-2136.318.7.1.el7uek 5.4.17-2136.318.7.2.el7uek 5.4.17-2136.319.1.2.el7uek 5.4.17-2136.319.1.3.el7uek 5.4.17-2136.319.1.4.el7uek 5.4.17-2136.320.7.el7uek 5.4.17-2136.320.7.1.el7uek 5.4.17-2136.321.4.el7uek 5.4.17-2136.322.6.2.el7uek 5.4.17-2136.323.8.el7uek 5.4.17-2136.323.8.1.el7uek 5.4.17-2136.323.8.2.el7uek 5.4.17-2136.321.4.1.el7uek 5.4.17-2136.324.5.3.el7uek 5.4.17-2136.322.6.3.el7uek 5.4.17-2136.325.5.el7uek 5.4.17-2136.325.5.1.el7uek 5.4.17-2136.326.6.el7uek 5.4.17-2136.326.6.1.el7uek 5.4.17-2136.327.2.el7uek 5.4.17-2136.328.3.el7uek 5.4.17-2136.329.3.1.el7uek 5.4.17-2136.322.6.4.el7uek 5.4.17-2136.329.3.2.el7uek 5.4.17-2136.330.7.1.el7uek 5.4.17-2136.331.7.el7uek 5.4.17-2136.322.6.5.el7uek 5.4.17-2136.330.7.4.el7uek 5.4.17-2136.332.5.2.el7uek 5.4.17-2136.333.5.el7uek 5.4.17-2136.330.7.5.el7uek 5.4.17-2136.333.5.1.el7uek
Released
Oracle Linux 8 UEK 6
5.4.17-2011.2.2.el8uek show all hide all
5.4.17-2011.1.2.el8uek 5.4.17-2011.3.2.1.el8uek 5.4.17-2011.0.7.el8uek 5.4.17-2011.4.4.el8uek 5.4.17-2011.4.6.el8uek 5.4.17-2011.5.3.el8uek 5.4.17-2011.6.2.el8uek 5.4.17-2011.7.4.el8uek 5.4.17-2036.100.6.1.el8uek 5.4.17-2036.101.2.el8uek 5.4.17-2036.102.0.2.el8uek 5.4.17-2036.103.3.el8uek 5.4.17-2036.103.3.1.el8uek 5.4.17-2036.104.4.el8uek 5.4.17-2036.104.5.el8uek 5.4.17-2102.200.13.el8uek 5.4.17-2102.201.3.el8uek 5.4.17-2102.202.5.el8uek 5.4.17-2102.203.5.el8uek 5.4.17-2102.203.6.el8uek 5.4.17-2102.204.4.2.el8uek 5.4.17-2102.204.4.3.el8uek 5.4.17-2102.204.4.4.el8uek 5.4.17-2102.205.7.2.el8uek 5.4.17-2102.205.7.3.el8uek 5.4.17-2102.206.1.el8uek 5.4.17-2136.300.7.el8uek 5.4.17-2136.301.1.2.el8uek 5.4.17-2136.301.1.4.el8uek 5.4.17-2136.302.6.1.el8uek 5.4.17-2136.302.7.2.el8uek 5.4.17-2136.302.7.2.1.el8uek 5.4.17-2136.301.1.3.el8uek 5.4.17-2136.302.7.2.2.el8uek 5.4.17-2136.302.7.2.3.el8uek 5.4.17-2136.304.4.1.el8uek 5.4.17-2136.304.4.2.el8uek 5.4.17-2136.304.4.3.el8uek 5.4.17-2136.304.4.4.el8uek 5.4.17-2136.304.4.5.el8uek 5.4.17-2136.305.5.3.el8uek 5.4.17-2136.305.5.4.el8uek 5.4.17-2136.305.5.5.el8uek 5.4.17-2136.306.1.3.el8uek 5.4.17-2136.307.3.1.el8uek 5.4.17-2136.307.3.2.el8uek 5.4.17-2136.307.3.4.el8uek 5.4.17-2136.307.3.5.el8uek 5.4.17-2136.308.7.el8uek 5.4.17-2136.307.3.6.el8uek 5.4.17-2136.308.9.el8uek 5.4.17-2136.309.5.el8uek 5.4.17-2136.309.5.1.el8uek 5.4.17-2136.310.7.el8uek 5.4.17-2136.310.7.1.el8uek 5.4.17-2136.309.4.el8uek 5.4.17-2136.311.6.el8uek 5.4.17-2136.311.6.1.el8uek 5.4.17-2136.312.3.4.el8uek 5.4.17-2136.313.6.el8uek 5.4.17-2136.314.6.2.el8uek 5.4.17-2136.314.6.3.el8uek 5.4.17-2136.315.5.el8uek 5.4.17-2136.316.7.el8uek 5.4.17-2136.315.5.8.el8uek 5.4.17-2136.317.5.3.el8uek 5.4.17-2136.317.5.5.el8uek 5.4.17-2136.318.7.1.el8uek 5.4.17-2136.318.7.2.el8uek 5.4.17-2136.319.1.2.el8uek 5.4.17-2136.319.1.3.el8uek 5.4.17-2136.319.1.4.el8uek 5.4.17-2136.320.7.el8uek 5.4.17-2136.320.7.1.el8uek 5.4.17-2136.321.4.el8uek 5.4.17-2136.321.4.1.el8uek 5.4.17-2136.322.6.2.el8uek 5.4.17-2136.323.8.el8uek 5.4.17-2136.323.8.1.el8uek 5.4.17-2136.323.8.2.el8uek 5.4.17-2136.324.5.2.el8uek 5.4.17-2136.324.5.3.el8uek 5.4.17-2136.322.6.3.el8uek 5.4.17-2136.325.5.el8uek 5.4.17-2136.325.5.1.el8uek 5.4.17-2136.326.6.el8uek 5.4.17-2136.326.6.1.el8uek 5.4.17-2136.327.2.el8uek 5.4.17-2136.328.3.el8uek 5.4.17-2136.329.3.1.el8uek 5.4.17-2136.322.6.4.el8uek 5.4.17-2136.329.3.2.el8uek 5.4.17-2136.330.7.1.el8uek 5.4.17-2136.331.7.el8uek 5.4.17-2136.322.6.5.el8uek 5.4.17-2136.330.7.4.el8uek 5.4.17-2136.332.5.2.el8uek 5.4.17-2136.333.5.el8uek 5.4.17-2136.330.7.5.el8uek 5.4.17-2136.333.5.1.el8uek
Released
Ubuntu 20.04 AWS
In Progress
Ubuntu 16.04 ESM
Planned
Ubuntu 16.04 HWE ESM
Planned
Ubuntu 16.04 AWS ESM
Planned
Ubuntu 16.04 GCP ESM
Planned
Ubuntu 16.04 AWS HWE ESM
Planned
Ubuntu 16.04 Azure ESM
Planned
Debian 11
In Progress
Ubuntu 22.04
5.15.0-27.28 show all hide all
5.15.0-33.34 5.15.0-37.39 5.15.0-39.42 5.15.0-25.25 5.15.0-28.29 5.15.0-29.30 5.15.0-30.31 5.15.0-41.44 5.15.0-43.46 5.15.0-46.49 5.15.0-35.36 5.15.0-47.51 5.15.0-48.54 5.15.0-40.43 5.15.0-50.56 5.15.0-52.58 5.15.0-53.59 5.15.0-56.62 5.15.0-54.60 5.15.0-57.63 5.15.0-58.64 5.15.0-60.66 5.15.0-67.74 5.15.0-69.76 5.15.0-70.77 5.15.0-71.78 5.15.0-72.79 5.15.0-68.75 5.15.0-73.80 5.15.0-75.82 5.15.0-76.83 5.15.0-78.85 5.15.0-79.86 5.15.0-82.91 5.15.0-83.92 5.15.0-84.93 5.15.0-86.96 5.15.0-74.81 5.15.0-87.97 5.15.0-88.98 5.15.0-89.99 5.15.0-91.101 5.15.0-92.102 5.15.0-94.104 5.15.0-97.107 5.15.0-100.110 5.15.0-101.111 5.15.0-102.112 5.15.0-105.115 5.15.0-106.116 5.15.0-107.117 5.15.0-112.122 5.15.0-113.123 5.15.0-116.126 5.15.0-117.127 5.15.0-118.128 5.15.0-119.129
Released
Ubuntu 22.04 AWS
5.15.0-1005.7 show all hide all
5.15.0-1008.10 5.15.0-1011.14 5.15.0-1013.17 5.15.0-1015.19 5.15.0-1017.21 5.15.0-1009.11 5.15.0-1020.24 5.15.0-1021.25 5.15.0-1022.26 5.15.0-1023.27 5.15.0-1026.30 5.15.0-1004.6 5.15.0-1014.18 5.15.0-1018.22 5.15.0-1024.29 5.15.0-1027.31 5.15.0-1028.32 5.15.0-1030.34 5.15.0-1031.35 5.15.0-1033.37 5.15.0-1034.38 5.15.0-1035.39 5.15.0-1036.40 5.15.0-1032.36 5.15.0-1037.41 5.15.0-1038.43 5.15.0-1039.44 5.15.0-1040.45 5.15.0-1042.47 5.15.0-1043.48 5.15.0-1044.49 5.15.0-1045.50 5.15.0-1047.52 5.15.0-1048.53 5.15.0-1049.54 5.15.0-1050.55 5.15.0-1051.56 5.15.0-1052.57 5.15.0-1053.58 5.15.0-1055.60 5.15.0-1056.61 5.15.0-1057.63 5.15.0-1060.66 5.15.0-1061.67 5.15.0-1062.68 5.15.0-1063.69 5.15.0-1064.70 5.15.0-1065.71 5.15.0-1066.72 5.15.0-1067.73 5.15.0-1068.74
Released
Ubuntu 22.04 Azure
5.15.0-1005.6 show all hide all
5.15.0-1007.8 5.15.0-1010.12 5.15.0-1012.15 5.15.0-1014.17 5.15.0-1017.20 5.15.0-1008.9 5.15.0-1019.24 5.15.0-1020.25 5.15.0-1021.26 5.15.0-1022.27 5.15.0-1003.4 5.15.0-1013.16 5.15.0-1023.29 5.15.0-1029.36 5.15.0-1024.30 5.15.0-1034.41 5.15.0-1035.42 5.15.0-1036.43 5.15.0-1037.44 5.15.0-1038.45 5.15.0-1039.46 5.15.0-1040.47 5.15.0-1041.48 5.15.0-1042.49 5.15.0-1045.52 5.15.0-1046.53 5.15.0-1047.54 5.15.0-1049.56 5.15.0-1044.51 5.15.0-1050.57 5.15.0-1051.59 5.15.0-1052.60 5.15.0-1053.61 5.15.0-1054.62 5.15.0-1056.64 5.15.0-1057.65 5.15.0-1058.66 5.15.0-1059.67 5.15.0-1060.69 5.15.0-1061.70 5.15.0-1063.72 5.15.0-1064.73 5.15.0-1066.75 5.15.0-1067.76 5.15.0-1068.77 5.15.0-1070.79 5.15.0-1071.80
Released
Debian 11 cloud
In Progress
Ubuntu 20.04 HWE AWS
5.15.0-1026.30~20.04.2 show all hide all
5.15.0-1022.26~20.04.1 5.15.0-1023.27~20.04.1 5.15.0-1021.25~20.04.1 5.15.0-1020.24~20.04.1 5.15.0-1017.21~20.04.1 5.15.0-1019.23~20.04.1 5.15.0-1014.18~20.04.1 5.15.0-1015.19~20.04.1 5.15.0-1018.22~20.04.1 5.15.0-1027.31~20.04.1 5.15.0-1028.32~20.04.1 5.15.0-1030.34~20.04.1 5.15.0-1031.35~20.04.1 5.15.0-1033.37~20.04.1 5.15.0-1034.38~20.04.1 5.15.0-1035.39~20.04.1 5.15.0-1036.40~20.04.1 5.15.0-1037.41~20.04.1 5.15.0-1038.43~20.04.1 5.15.0-1039.44~20.04.1 5.15.0-1040.45~20.04.1 5.15.0-1041.46~20.04.1 5.15.0-1043.48~20.04.1 5.15.0-1044.49~20.04.1 5.15.0-1045.50~20.04.1 5.15.0-1047.52~20.04.1 5.15.0-1048.53~20.04.1 5.15.0-1049.54~20.04.1 5.15.0-1050.55~20.04.1 5.15.0-1051.56~20.04.1 5.15.0-1052.57~20.04.1 5.15.0-1053.58~20.04.1 5.15.0-1055.60~20.04.1 5.15.0-1056.61~20.04.1 5.15.0-1057.63~20.04.1 5.15.0-1058.64~20.04.1 5.15.0-1061.67~20.04.1 5.15.0-1062.68~20.04.1 5.15.0-1063.69~20.04.1 5.15.0-1064.70~20.04.1 5.15.0-1065.71~20.04.1 5.15.0-1066.72~20.04.1 5.15.0-1067.73~20.04.1 5.15.0-1068.74~20.04.1
Released
Ubuntu 20.04 HWE Azure
5.15.0-1029.36~20.04.1 show all hide all
5.15.0-1022.27~20.04.1 5.15.0-1023.29~20.04.1 5.15.0-1021.26~20.04.1 5.15.0-1020.25~20.04.1 5.15.0-1017.20~20.04.1 5.15.0-1019.24~20.04.1 5.15.0-1008.9~20.04.1 5.15.0-1013.16~20.04.1 5.15.0-1014.17~20.04.1 5.15.0-1024.30~20.04.1 5.15.0-1034.41~20.04.1 5.15.0-1049.56~20.04.1 5.15.0-1050.57~20.04.1 5.15.0-1054.62~20.04.1 5.15.0-1056.64~20.04.1 5.15.0-1057.65~20.04.1 5.15.0-1058.66~20.04.2 5.15.0-1059.67~20.04.1 5.15.0-1060.69~20.04.1 5.15.0-1061.70~20.04.1 5.15.0-1063.72~20.04.1 5.15.0-1064.73~20.04.1 5.15.0-1067.76~20.04.1 5.15.0-1068.77~20.04.1 5.15.0-1065.74~20.04.1 5.15.0-1070.79~20.04.1 5.15.0-1071.80~20.04.1
Released
Ubuntu 20.04 GCP
In Progress
Debian 12
Planned
Ubuntu 24.04
Planned