{
  "threat_severity" : "Low",
  "public_date" : "2024-06-19T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: scsi: qedf: Ensure the copied buf is NUL terminated",
    "id" : "2293440",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2293440"
  },
  "cvss3" : {
    "cvss3_base_score" : "4.4",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
    "status" : "verified"
  },
  "cwe" : "CWE-125",
  "details" : [ "In the Linux kernel, the following vulnerability has been resolved:\nscsi: qedf: Ensure the copied buf is NUL terminated\nCurrently, we allocate a count-sized kernel buffer and copy count from\nuserspace to that buffer. Later, we use kstrtouint on this buffer but we\ndon't ensure that the string is terminated inside the buffer, this can\nlead to OOB read when using kstrtouint. Fix this issue by using\nmemdup_user_nul instead of memdup_user." ],
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2024-09-24T00:00:00Z",
    "advisory" : "RHSA-2024:7001",
    "cpe" : "cpe:/a:redhat:enterprise_linux:8::nfv",
    "package" : "kernel-rt-0:4.18.0-553.22.1.rt7.363.el8_10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2024-09-24T00:00:00Z",
    "advisory" : "RHSA-2024:7000",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8",
    "package" : "kernel-0:4.18.0-553.22.1.el8_10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2024-09-11T00:00:00Z",
    "advisory" : "RHSA-2024:6567",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-427.35.1.el9_4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2024-09-11T00:00:00Z",
    "advisory" : "RHSA-2024:6567",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-427.35.1.el9_4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9.2 Extended Update Support",
    "release_date" : "2024-09-18T00:00:00Z",
    "advisory" : "RHSA-2024:6744",
    "cpe" : "cpe:/a:redhat:rhel_eus:9.2",
    "package" : "kernel-0:5.14.0-284.84.1.el9_2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9.2 Extended Update Support",
    "release_date" : "2024-09-18T00:00:00Z",
    "advisory" : "RHSA-2024:6745",
    "cpe" : "cpe:/a:redhat:rhel_eus:9.2::nfv",
    "package" : "kernel-rt-0:5.14.0-284.84.1.rt14.369.el9_2"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Out of support scope",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Out of support scope",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2024-38559\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-38559\nhttps://lore.kernel.org/linux-cve-announce/2024061953-CVE-2024-38559-3e03@gregkh/T" ],
  "name" : "CVE-2024-38559",
  "csaw" : false
}