In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory There is a potential out-of-bounds access when using test_bit() on a single word. The test_bit() and set_bit() functions operate on long values, and when testing or setting a single word, they can exceed the word boundary. KASAN detects this issue and produces a dump: BUG: KASAN: slab-out-of-bounds in _scsih_add_device.constprop.0 (./arch/x86/include/asm/bitops.h:60 ./include/asm-generic/bitops/instrumented-atomic.h:29 drivers/scsi/mpt3sas/mpt3sas_scsih.c:7331) mpt3sas Write of size 8 at addr ffff8881d26e3c60 by task kworker/u1536:2/2965 For full log, please look at [1]. Make the allocation at least the size of sizeof(unsigned long) so that set_bit() and test_bit() have sufficient room for read/write operations without overwriting unallocated memory. [1] Link: https://lore.kernel.org/all/ZkNcALr3W3KGYYJG@gmail.com/
Find out more about CVE-2024-40901 from the MITRE-CVE dictionary and NIST NVD
Login may be required to access defects or downloads.
Product Name | Status | Defect | Fixed | Downloads |
---|---|---|---|---|
Linux | ||||
Wind River Linux LTS 17 | Requires LTSS | -- | -- | -- |
Wind River Linux 8 | Requires LTSS | -- | -- | -- |
Wind River Linux 9 | Requires LTSS | -- | -- | -- |
Wind River Linux 7 | Requires LTSS | -- | -- | -- |
Wind River Linux LTS 21 | Not Vulnerable | -- | -- | -- |
Wind River Linux LTS 22 | Not Vulnerable | -- | -- | -- |
Wind River Linux LTS 18 | Requires LTSS | -- | -- | -- |
Wind River Linux LTS 19 | Investigate | -- | -- | -- |
Wind River Linux CD release | N/A | -- | -- | -- |
Wind River Linux 6 | Requires LTSS | -- | -- | -- |
Wind River Linux LTS 23 | Fixed |
LIN1023-7031 |
10.23.30.12 | -- |
Wind River Linux LTS 24 | Fixed |
LIN1024-2700 |
10.24.33.1 | -- |
VxWorks | ||||
VxWorks 7 | Not Vulnerable | -- | -- | -- |
VxWorks 6.9 | Not Vulnerable | -- | -- | -- |
Helix Virtualization Platform Cert Edition | ||||
Helix Virtualization Platform Cert Edition | Not Vulnerable | -- | -- | -- |
eLxr | ||||
eLxr 12 | Vulnerable | -- | -- | -- |
Product Name | Status | Defect | Fixed | Downloads |
---|