Skip to main content

Early Access — Mondoo Vulnerability Intelligence is currently in preview.

Mondoo Vulnerability Intelligence

Curated by Mondoo Research, enhanced with AI

Resources

Search Vulnerabilities
Trending CVEs
Browse Ecosystems
Terminology
Blog

Open Source

cnquery
cnspec

Star us on GitHub!

Company

Mondoo Platform
About
Contact

© 2026 Mondoo, Inc.

Privacy Policy Terms of Service Imprint

Vulnerability Intelligence

CVE-2024-42288

MEDIUM5.5

scsi: qla2xxx: Fix for possible memory corruption

Published Aug 17, 2024

Modified 1 weeks ago

No fix available

Details

In the Linux kernel, the following vulnerability has been resolved:

scsi: qla2xxx: Fix for possible memory corruption

Init Control Block is dereferenced incorrectly. Correctly dereference ICB

References

WEBhttps://git.kernel.org/stable/c/2a15b59a2c5afac89696e44acf5bbfc0599c6c5e WEBhttps://git.kernel.org/stable/c/571d7f2a08836698c2fb0d792236424575b9829b WEBhttps://git.kernel.org/stable/c/8192c533e89d9fb69b2490398939236b78cda79b WEBhttps://git.kernel.org/stable/c/87db8d7b7520e99de71791260989f06f9c94953d WEBhttps://git.kernel.org/stable/c/b0302ffc74123b6a99d7d1896fcd9b2e4072d9ce WEBhttps://git.kernel.org/stable/c/c03d740152f78e86945a75b2ad541bf972fab92a WEBhttps://git.kernel.org/stable/c/dae67169cb35a37ecccf60cfcd6bf93a1f4f5efb WEBhttps://lists.debian.org/debian-lts-announce/2024/10/msg00003.html WEBhttps://lists.debian.org/debian-lts-announce/2025/01/msg00001.html ADVISORYhttps://www.cve.org/CVERecord?id=CVE-2024-42288

CVSS Analysis

CVSS v3.1

5.5

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

LowAC:L

Privileges Required

LowPR:L

User Interaction

NoneUI:N

Scope

Scope

UnchangedS:U

Impact

Confidentiality

NoneC:N

Integrity

NoneI:N

Availability

HighA:H

5.5/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Ecosystems

Timeline

PublishedAug 17, 2024

ModifiedJan 5, 2026

CVE-2024-42288 | Mondoo Vulnerability Intelligence