Описание
In the Linux kernel, the following vulnerability has been resolved:
scsi: qla2xxx: Fix buffer overrun
Klocwork warning: Buffer Overflow - Array Index Out of Bounds
Driver uses fc_els_flogi to calculate size of buffer. The actual buffer is nested inside of fc_els_flogi which is smaller.
Replace structure name to allow proper size calculation.
In the Linux kernel, the following vulnerability has been resolved:
scsi: qla2xxx: Fix buffer overrun
Klocwork warning: Buffer Overflow - Array Index Out of Bounds
Driver uses fc_els_flogi to calculate size of buffer. The actual buffer is nested inside of fc_els_flogi which is smaller.
Replace structure name to allow proper size calculation.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2023-54054
- https://git.kernel.org/stable/c/2dddbf8de128289a3fb7ae38d9bc4b2217205ec1
- https://git.kernel.org/stable/c/89250e775dcc4482d8e970ed92ad2c9458b14a8a
- https://git.kernel.org/stable/c/b68710a8094fdffe8dd4f7a82c82649f479bb453
- https://git.kernel.org/stable/c/d5e7c9cd56e987c8687859a0bf38fd86aa8f3cec
- https://git.kernel.org/stable/c/eecb8a491c824a9376155d26ec95b6d0054c059c
CVE ID
Связанные уязвимости
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.