What is the severity of CVE-2024-50026?

CVE-2024-50026 has been classified as a security vulnerability within the Linux kernel.

How do I fix CVE-2024-50026?

To fix CVE-2024-50026, you should upgrade to the latest patched version of the Linux kernel, including versions such as 5.10.223-1 or 6.12.15-1.

What systems are affected by CVE-2024-50026?

CVE-2024-50026 impacts various versions of the Linux kernel, specifically versions between 5.18 and 6.6.57 and several pre-release versions.

Is there a workaround for CVE-2024-50026?

Currently, there are no known workarounds for CVE-2024-50026; upgrading the kernel is the recommended course of action.

What does CVE-2024-50026 potentially allow an attacker to do?

CVE-2024-50026 can lead to a system crash due to an oops in wd33c93_intr(), affecting the stability of systems using the vulnerable kernel versions.

Vulnerability/
CVE-2024-50026

medium

5.5

21/10/2024

19/12/2024

CVE-2024-50026: scsi: wd33c93: Don't use stale scsi_pointer value

First published: Mon Oct 21 2024(Updated: )

In the Linux kernel, the following vulnerability has been resolved: scsi: wd33c93: Don't use stale scsi_pointer value A regression was introduced with commit dbb2da557a6a ("scsi: wd33c93: Move the SCSI pointer to private command data") which results in an oops in wd33c93_intr(). That commit added the scsi_pointer variable and initialized it from hostdata->connected. However, during selection, hostdata->connected is not yet valid. Fix this by getting the current scsi_pointer from hostdata->selecting.

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected Software	Affected Version	How to fix
Linux Kernel	>=5.18<6.1.113
Linux Kernel	>=6.2<6.6.57
Linux Kernel	>=6.7<6.11.4
Linux Kernel	=6.12-rc1
Linux Kernel	=6.12-rc2
debian/linux		5.10.223-1 5.10.226-1 6.1.123-1 6.1.128-1 6.12.12-1 6.12.15-1
debian/linux-6.1		6.1.119-1~deb11u1

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-50026?
CVE-2024-50026 has been classified as a security vulnerability within the Linux kernel.
How do I fix CVE-2024-50026?
To fix CVE-2024-50026, you should upgrade to the latest patched version of the Linux kernel, including versions such as 5.10.223-1 or 6.12.15-1.
What systems are affected by CVE-2024-50026?
CVE-2024-50026 impacts various versions of the Linux kernel, specifically versions between 5.18 and 6.6.57 and several pre-release versions.
Is there a workaround for CVE-2024-50026?
Currently, there are no known workarounds for CVE-2024-50026; upgrading the kernel is the recommended course of action.
What does CVE-2024-50026 potentially allow an attacker to do?
CVE-2024-50026 can lead to a system crash due to an oops in wd33c93_intr(), affecting the stability of systems using the vulnerable kernel versions.

agent/title
agent/first-publish-date
agent/type
agent/author
agent/remedy
agent/severity
collector/mitre-cve
source/MITRE
agent/last-modified-date
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/software-canonical-lookup-request
collector/usn-cve
source/Ubuntu
collector/launchpad-cve
source/Launchpad
collector/security-tracker-debian
source/Debian
agent/references
agent/source
agent/softwarecombine
agent/tags
agent/description
agent/event
vendor/linux
canonical/linux kernel
version/linux kernel/5.18
version/linux kernel/6.2
version/linux kernel/6.7
version/linux kernel/6.12-rc1
version/linux kernel/6.12-rc2
package-manager/debian

Frequently Asked Questions

What is the severity of CVE-2024-50026?
CVE-2024-50026 has been classified as a security vulnerability within the Linux kernel.
How do I fix CVE-2024-50026?
To fix CVE-2024-50026, you should upgrade to the latest patched version of the Linux kernel, including versions such as 5.10.223-1 or 6.12.15-1.
What systems are affected by CVE-2024-50026?
CVE-2024-50026 impacts various versions of the Linux kernel, specifically versions between 5.18 and 6.6.57 and several pre-release versions.
Is there a workaround for CVE-2024-50026?
Currently, there are no known workarounds for CVE-2024-50026; upgrading the kernel is the recommended course of action.
What does CVE-2024-50026 potentially allow an attacker to do?
CVE-2024-50026 can lead to a system crash due to an oops in wd33c93_intr(), affecting the stability of systems using the vulnerable kernel versions.

CVE-2024-50026: scsi: wd33c93: Don't use stale scsi_pointer value

Remedy

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-50026?

How do I fix CVE-2024-50026?

What systems are affected by CVE-2024-50026?

Is there a workaround for CVE-2024-50026?

What does CVE-2024-50026 potentially allow an attacker to do?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2024-50026?

How do I fix CVE-2024-50026?

What systems are affected by CVE-2024-50026?

Is there a workaround for CVE-2024-50026?

What does CVE-2024-50026 potentially allow an attacker to do?