References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

Change History

In the Linux kernel, the following vulnerability has been resolved:

usb: storage: sddr55: Reject out-of-bound new_pba

Discovered by Atuin - Automated Vulnerability Discovery Engine.

new_pba comes from the status packet returned after each write.
A bogus device could report values beyond the block count derived
from info->capacity, letting the driver walk off the end of
pba_to_lba[] and corrupt heap memory.

Reject PBAs that exceed the computed block count and fail the
transfer so we avoid touching out-of-range mapping entries.

https://git.kernel.org/stable/c/04a8a6393f3f2f471e05eacca33282dd30b01432

https://git.kernel.org/stable/c/26e9b5da3231da7dc357b363883b5b7b51a64092

https://git.kernel.org/stable/c/5ebe8d479aaf4f41ac35e6955332304193c646f6

https://git.kernel.org/stable/c/a20f1dd19d21dcb70140ea5a71b1f8cbe0c7e68f

https://git.kernel.org/stable/c/aa64e0e17e3a5991a25e6a46007770c629039869

https://git.kernel.org/stable/c/b59d4fda7e7d0aff1043a7f742487cb829f5aac1

https://git.kernel.org/stable/c/d00a6c04a502cd52425dbf35588732c652b16490