CVE-2024-38559

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://git.kernel.org/stable/c/177f43c6892e6055de6541fe9391a8a3d1f95fc9", "name": "https://git.kernel.org/stable/c/177f43c6892e6055de6541fe9391a8a3d1f95fc9", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/177f43c6892e6055de6541fe9391a8a3d1f95fc9", "name": "https://git.kernel.org/stable/c/177f43c6892e6055de6541fe9391a8a3d1f95fc9", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/1f84a2744ad813be23fc4be99fb74bfb24aadb95", "name": "https://git.kernel.org/stable/c/1f84a2744ad813be23fc4be99fb74bfb24aadb95", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/1f84a2744ad813be23fc4be99fb74bfb24aadb95", "name": "https://git.kernel.org/stable/c/1f84a2744ad813be23fc4be99fb74bfb24aadb95", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/4907f5ad246fa9b51093ed7dfc7da9ebbd3f20b8", "name": "https://git.kernel.org/stable/c/4907f5ad246fa9b51093ed7dfc7da9ebbd3f20b8", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/4907f5ad246fa9b51093ed7dfc7da9ebbd3f20b8", "name": "https://git.kernel.org/stable/c/4907f5ad246fa9b51093ed7dfc7da9ebbd3f20b8", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/563e609275927c0b75fbfd0d90441543aa7b5e0d", "name": "https://git.kernel.org/stable/c/563e609275927c0b75fbfd0d90441543aa7b5e0d", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/563e609275927c0b75fbfd0d90441543aa7b5e0d", "name": "https://git.kernel.org/stable/c/563e609275927c0b75fbfd0d90441543aa7b5e0d", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/769b9fd2af02c069451fe9108dba73355d9a021c", "name": "https://git.kernel.org/stable/c/769b9fd2af02c069451fe9108dba73355d9a021c", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/769b9fd2af02c069451fe9108dba73355d9a021c", "name": "https://git.kernel.org/stable/c/769b9fd2af02c069451fe9108dba73355d9a021c", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/a75001678e1d38aa607d5b898ec7ff8ed0700d59", "name": "https://git.kernel.org/stable/c/a75001678e1d38aa607d5b898ec7ff8ed0700d59", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/a75001678e1d38aa607d5b898ec7ff8ed0700d59", "name": "https://git.kernel.org/stable/c/a75001678e1d38aa607d5b898ec7ff8ed0700d59", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/d0184a375ee797eb657d74861ba0935b6e405c62", "name": "https://git.kernel.org/stable/c/d0184a375ee797eb657d74861ba0935b6e405c62", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/d0184a375ee797eb657d74861ba0935b6e405c62", "name": "https://git.kernel.org/stable/c/d0184a375ee797eb657d74861ba0935b6e405c62", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/d93318f19d1e1a6d5f04f5d965eaa9055bb7c613", "name": "https://git.kernel.org/stable/c/d93318f19d1e1a6d5f04f5d965eaa9055bb7c613", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/d93318f19d1e1a6d5f04f5d965eaa9055bb7c613", "name": "https://git.kernel.org/stable/c/d93318f19d1e1a6d5f04f5d965eaa9055bb7c613", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/dccd97b39ab2f2b1b9a47a1394647a4d65815255", "name": "https://git.kernel.org/stable/c/dccd97b39ab2f2b1b9a47a1394647a4d65815255", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/dccd97b39ab2f2b1b9a47a1394647a4d65815255", "name": "https://git.kernel.org/stable/c/dccd97b39ab2f2b1b9a47a1394647a4d65815255", "tags": ["Patch"], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qedf: Ensure the copied buf is NUL terminated\n\nCurrently, we allocate a count-sized kernel buffer and copy count from\nuserspace to that buffer. Later, we use kstrtouint on this buffer but we\ndon't ensure that the string is terminated inside the buffer, this can\nlead to OOB read when using kstrtouint. Fix this issue by using\nmemdup_user_nul instead of memdup_user."}]}, "problemtype": {"problemtype_data": [{"description": []}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2024-38559", "ASSIGNER": "cve@kernel.org"}}, "impact": {}, "publishedDate": "2024-06-19T14:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "6.9.3", "versionStartIncluding": "6.9"}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "6.8.12", "versionStartIncluding": "6.7"}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "6.6.33", "versionStartIncluding": "6.2"}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "6.1.93", "versionStartIncluding": "5.16"}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "5.15.161", "versionStartIncluding": "5.11"}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "5.10.219", "versionStartIncluding": "5.5"}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "4.19.316", "versionStartIncluding": "4.11"}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "5.4.278", "versionStartIncluding": "4.20"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2025-04-01T18:22Z"}