In the Linux kernel, the following vulnerability has been resolved:
scsi: qedf: Ensure the copied buf is NUL terminated
Currently, we allocate a count-sized kernel buffer and copy count bytes from userspace into that buffer. Later, we use kstrtouint on this buffer, but we don't ensure that the string is NUL-terminated inside the buffer; this can lead to an out-of-bounds (OOB) read when using kstrtouint. Fix this issue by using memdup_user_nul instead of memdup_user; memdup_user_nul allocates one extra byte and appends the terminating NUL, so the parser stops inside the allocation.
{ "vanir_signatures": [ { "digest": { "threshold": 0.9, "line_hashes": [ "260928844501890140479183255918780860731", "171022941439536968635068802453684793355", "289938909415365621076931244951204499392", "169115983075687269653763243436106699343" ] }, "target": { "file": "drivers/scsi/qedf/qedf_debugfs.c" }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@563e609275927c0b75fbfd0d90441543aa7b5e0d", "signature_version": "v1", "id": "CVE-2024-38559-108ece64", "signature_type": "Line" }, { "digest": { "threshold": 0.9, "line_hashes": [ "260928844501890140479183255918780860731", "171022941439536968635068802453684793355", "289938909415365621076931244951204499392", "169115983075687269653763243436106699343" ] }, "target": { "file": "drivers/scsi/qedf/qedf_debugfs.c" }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@dccd97b39ab2f2b1b9a47a1394647a4d65815255", "signature_version": "v1", "id": "CVE-2024-38559-1f7387ca", "signature_type": "Line" }, { "digest": { "threshold": 0.9, "line_hashes": [ "260928844501890140479183255918780860731", "171022941439536968635068802453684793355", "289938909415365621076931244951204499392", "169115983075687269653763243436106699343" ] }, "target": { "file": "drivers/scsi/qedf/qedf_debugfs.c" }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d93318f19d1e1a6d5f04f5d965eaa9055bb7c613", "signature_version": "v1", "id": "CVE-2024-38559-2d8a4a74", "signature_type": "Line" }, { "digest": { "threshold": 0.9, "line_hashes": [ "260928844501890140479183255918780860731", "171022941439536968635068802453684793355", "289938909415365621076931244951204499392", "169115983075687269653763243436106699343" ] }, "target": { "file": "drivers/scsi/qedf/qedf_debugfs.c" }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4907f5ad246fa9b51093ed7dfc7da9ebbd3f20b8", 
"signature_version": "v1", "id": "CVE-2024-38559-412e9513", "signature_type": "Line" }, { "digest": { "threshold": 0.9, "line_hashes": [ "260928844501890140479183255918780860731", "171022941439536968635068802453684793355", "289938909415365621076931244951204499392", "169115983075687269653763243436106699343" ] }, "target": { "file": "drivers/scsi/qedf/qedf_debugfs.c" }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d0184a375ee797eb657d74861ba0935b6e405c62", "signature_version": "v1", "id": "CVE-2024-38559-584d471f", "signature_type": "Line" }, { "digest": { "threshold": 0.9, "line_hashes": [ "260928844501890140479183255918780860731", "171022941439536968635068802453684793355", "289938909415365621076931244951204499392", "169115983075687269653763243436106699343" ] }, "target": { "file": "drivers/scsi/qedf/qedf_debugfs.c" }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@1f84a2744ad813be23fc4be99fb74bfb24aadb95", "signature_version": "v1", "id": "CVE-2024-38559-6476f1f0", "signature_type": "Line" }, { "digest": { "threshold": 0.9, "line_hashes": [ "260928844501890140479183255918780860731", "171022941439536968635068802453684793355", "289938909415365621076931244951204499392", "169115983075687269653763243436106699343" ] }, "target": { "file": "drivers/scsi/qedf/qedf_debugfs.c" }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@177f43c6892e6055de6541fe9391a8a3d1f95fc9", "signature_version": "v1", "id": "CVE-2024-38559-94ec895a", "signature_type": "Line" }, { "digest": { "threshold": 0.9, "line_hashes": [ "260928844501890140479183255918780860731", "171022941439536968635068802453684793355", "289938909415365621076931244951204499392", "169115983075687269653763243436106699343" ] }, "target": { "file": "drivers/scsi/qedf/qedf_debugfs.c" }, "deprecated": false, "source": 
"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a75001678e1d38aa607d5b898ec7ff8ed0700d59", "signature_version": "v1", "id": "CVE-2024-38559-e28c966d", "signature_type": "Line" }, { "digest": { "threshold": 0.9, "line_hashes": [ "260928844501890140479183255918780860731", "171022941439536968635068802453684793355", "289938909415365621076931244951204499392", "169115983075687269653763243436106699343" ] }, "target": { "file": "drivers/scsi/qedf/qedf_debugfs.c" }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@769b9fd2af02c069451fe9108dba73355d9a021c", "signature_version": "v1", "id": "CVE-2024-38559-fc23b601", "signature_type": "Line" } ] }