CVE-2024-26760

scsi: target: pscsi: Fix bio_put() for error case

Severity Score

5.5

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: scsi: target: pscsi: Fix bio_put() for error case As of commit 066ff571011d ("block: turn bio_kmalloc into a simple kmalloc
wrapper"), a bio allocated by bio_kmalloc() must be freed by bio_uninit()
and kfree(). That is not done properly for the error case, hitting WARN and
NULL pointer dereference in bio_free().

En el kernel de Linux, se resolvió la siguiente vulnerabilidad: scsi: target: pscsi: corrige bio_put() para el caso de error A partir del commit 066ff571011d ("bloque: convierte bio_kmalloc en un contenedor kmalloc simple"), una biografía asignada por bio_kmalloc() debe ser liberado por bio_uninit() y kfree(). Esto no se hace correctamente en el caso de error, al presionar WARN y desreferenciar el puntero NULL en bio_free().

In the Linux kernel, the following vulnerability has been resolved: scsi: target: pscsi: Fix bio_put() for error case As of commit 066ff571011d ("block: turn bio_kmalloc into a simple kmalloc wrapper"), a bio allocated by bio_kmalloc() must be freed by bio_uninit() and kfree(). That is not done properly for the error case, hitting WARN and NULL pointer dereference in bio_free().

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

Single

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-02-19 CVE Reserved
2024-04-03 CVE Published
2024-04-04 EPSS Updated
2024-12-19 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (5)

URL	Tag	Source
https://git.kernel.org/stable/c/066ff571011d8416e903d3d4f1f41e0b5eb91e1d	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/f49b20fd0134da84a6bd8108f9e73c077b7d6231	2024-03-01
https://git.kernel.org/stable/c/4ebc079f0c7dcda1270843ab0f38ab4edb8f7921	2024-03-01
https://git.kernel.org/stable/c/1cfe9489fb563e9a0c9cdc5ca68257a44428c2ec	2024-03-01
https://git.kernel.org/stable/c/de959094eb2197636f7c803af0943cb9d3b35804	2024-02-15

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.19 < 6.1.80 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.19 < 6.1.80"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.19 < 6.6.19 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.19 < 6.6.19"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.19 < 6.7.7 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.19 < 6.7.7"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.19 < 6.8 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.19 < 6.8"		en		Affected