7.8
CVE-2024-42159
- EPSS 0.22%
- Veröffentlicht 30.07.2024 08:15:07
- Zuletzt bearbeitet 25.03.2026 14:27:16
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
scsi: mpi3mr: Sanitise num_phys
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Sanitise num_phys Information is stored in mr_sas_port->phy_mask, values larger then size of this field shouldn't be allowed.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Debian ≫ Debian Linux Version11.0
Linux ≫ Linux Kernel Version >= 6.1 < 6.1.98
Linux ≫ Linux Kernel Version >= 6.2 < 6.6.39
Linux ≫ Linux Kernel Version >= 6.7 < 6.9.9
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.22% | 0.128 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-754 Improper Check for Unusual or Exceptional Conditions
The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.
https://git.kernel.org/stable/c/3668651def2c1622904e58b0280ee93121f2b10b
https://git.kernel.org/stable/c/586b41060113ae43032ec6c4a16d518cef5da6e0
https://git.kernel.org/stable/c/b869ec89d2ee923d46608b76e54c006680c9b4df
https://git.kernel.org/stable/c/c8707901b53a48106d7501bdbd0350cefaefa4cf
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html