exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

bind:"BDU:2025-03222" OR bind:"CVE-2024-47666"

exploitDog

bind:"BDU:2025-03222" OR bind:"CVE-2024-47666"

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 14

Количество 14

BDU:2025-03222

больше 1 года назад

Уязвимость функции pm8001_phy_control() драйвера SCSI ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

CVSS3: 5.5

EPSS: Низкий

CVE-2024-47666

больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Set phy->enable_completion only when we wait for it pm8001_phy_control() populates the enable_completion pointer with a stack address, sends a PHY_LINK_RESET / PHY_HARD_RESET, waits 300 ms, and returns. The problem arises when a phy control response comes late. After 300 ms the pm8001_phy_control() function returns and the passed enable_completion stack address is no longer valid. Late phy control response invokes complete() on a dangling enable_completion pointer which leads to a kernel crash.

CVSS3: 5.5

EPSS: Низкий

CVE-2024-47666

больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Set phy->enable_completion only when we wait for it pm8001_phy_control() populates the enable_completion pointer with a stack address, sends a PHY_LINK_RESET / PHY_HARD_RESET, waits 300 ms, and returns. The problem arises when a phy control response comes late. After 300 ms the pm8001_phy_control() function returns and the passed enable_completion stack address is no longer valid. Late phy control response invokes complete() on a dangling enable_completion pointer which leads to a kernel crash.

CVSS3: 5.5

EPSS: Низкий

CVE-2024-47666

больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Set phy->enable_completion only when we wait for it pm8001_phy_control() populates the enable_completion pointer with a stack address, sends a PHY_LINK_RESET / PHY_HARD_RESET, waits 300 ms, and returns. The problem arises when a phy control response comes late. After 300 ms the pm8001_phy_control() function returns and the passed enable_completion stack address is no longer valid. Late phy control response invokes complete() on a dangling enable_completion pointer which leads to a kernel crash.

CVSS3: 5.5

EPSS: Низкий

CVE-2024-47666

4 месяца назад

scsi: pm80xx: Set phy->enable_completion only when we wait for it

EPSS: Низкий

CVE-2024-47666

больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: s ...

CVSS3: 5.5

EPSS: Низкий

GHSA-89mf-4cg3-w93v

больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Set phy->enable_completion only when we wait for it pm8001_phy_control() populates the enable_completion pointer with a stack address, sends a PHY_LINK_RESET / PHY_HARD_RESET, waits 300 ms, and returns. The problem arises when a phy control response comes late. After 300 ms the pm8001_phy_control() function returns and the passed enable_completion stack address is no longer valid. Late phy control response invokes complete() on a dangling enable_completion pointer which leads to a kernel crash.

CVSS3: 5.5

EPSS: Низкий

SUSE-SU-2025:0236-1

12 месяцев назад

Security update for the Linux Kernel

EPSS: Низкий

SUSE-SU-2025:0201-2

10 месяцев назад

Security update for the Linux Kernel

EPSS: Низкий

SUSE-SU-2025:0201-1

10 месяцев назад

Security update for the Linux Kernel

EPSS: Низкий

SUSE-SU-2024:4316-1

около 1 года назад

Security update for the Linux Kernel

EPSS: Низкий

SUSE-SU-2024:4314-1

около 1 года назад

Security update for the Linux Kernel

EPSS: Низкий

SUSE-SU-2024:4387-1

около 1 года назад

Security update for the Linux Kernel

EPSS: Низкий

SUSE-SU-2024:4318-1

около 1 года назад

Security update for the Linux Kernel

EPSS: Низкий

Уязвимостей на страницу

	Уязвимость	CVSS	EPSS	Опубликовано
	BDU:2025-03222 Уязвимость функции pm8001_phy_control() драйвера SCSI ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании	CVSS3: 5.5	0% Низкий	больше 1 года назад
	CVE-2024-47666 In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Set phy->enable_completion only when we wait for it pm8001_phy_control() populates the enable_completion pointer with a stack address, sends a PHY_LINK_RESET / PHY_HARD_RESET, waits 300 ms, and returns. The problem arises when a phy control response comes late. After 300 ms the pm8001_phy_control() function returns and the passed enable_completion stack address is no longer valid. Late phy control response invokes complete() on a dangling enable_completion pointer which leads to a kernel crash.	CVSS3: 5.5	0% Низкий	больше 1 года назад
	CVE-2024-47666 In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Set phy->enable_completion only when we wait for it pm8001_phy_control() populates the enable_completion pointer with a stack address, sends a PHY_LINK_RESET / PHY_HARD_RESET, waits 300 ms, and returns. The problem arises when a phy control response comes late. After 300 ms the pm8001_phy_control() function returns and the passed enable_completion stack address is no longer valid. Late phy control response invokes complete() on a dangling enable_completion pointer which leads to a kernel crash.	CVSS3: 5.5	0% Низкий	больше 1 года назад
	CVE-2024-47666 In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Set phy->enable_completion only when we wait for it pm8001_phy_control() populates the enable_completion pointer with a stack address, sends a PHY_LINK_RESET / PHY_HARD_RESET, waits 300 ms, and returns. The problem arises when a phy control response comes late. After 300 ms the pm8001_phy_control() function returns and the passed enable_completion stack address is no longer valid. Late phy control response invokes complete() on a dangling enable_completion pointer which leads to a kernel crash.	CVSS3: 5.5	0% Низкий	больше 1 года назад
	CVE-2024-47666 scsi: pm80xx: Set phy->enable_completion only when we wait for it		0% Низкий	4 месяца назад
	CVE-2024-47666 In the Linux kernel, the following vulnerability has been resolved: s ...	CVSS3: 5.5	0% Низкий	больше 1 года назад
	GHSA-89mf-4cg3-w93v In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Set phy->enable_completion only when we wait for it pm8001_phy_control() populates the enable_completion pointer with a stack address, sends a PHY_LINK_RESET / PHY_HARD_RESET, waits 300 ms, and returns. The problem arises when a phy control response comes late. After 300 ms the pm8001_phy_control() function returns and the passed enable_completion stack address is no longer valid. Late phy control response invokes complete() on a dangling enable_completion pointer which leads to a kernel crash.	CVSS3: 5.5	0% Низкий	больше 1 года назад
	SUSE-SU-2025:0236-1 Security update for the Linux Kernel			12 месяцев назад
	SUSE-SU-2025:0201-2 Security update for the Linux Kernel			10 месяцев назад
	SUSE-SU-2025:0201-1 Security update for the Linux Kernel			10 месяцев назад
	SUSE-SU-2024:4316-1 Security update for the Linux Kernel			около 1 года назад
	SUSE-SU-2024:4314-1 Security update for the Linux Kernel			около 1 года назад
	SUSE-SU-2024:4387-1 Security update for the Linux Kernel			около 1 года назад
	SUSE-SU-2024:4318-1 Security update for the Linux Kernel			около 1 года назад

Уязвимостей на страницу