Skip to main content

Mondoo Vulnerability Intelligence

Curated by Mondoo Research, enhanced with AI

Resources

Search Vulnerabilities
Trending CVEs
Browse Ecosystems
Terminology
Blog

Open Source

cnquery
cnspec

Star us on GitHub!

Company

Mondoo Platform
About
Contact

© 2026 Mondoo, Inc.

Privacy Policy Terms of Service Imprint

Vulnerability Intelligence

Vulnerability IntelligenceCVE-2024-42288

CVE-2024-42288

MEDIUM5.5

scsi: qla2xxx: Fix for possible memory corruption

Published Aug 17, 2024

Modified 2 months ago

Details

In the Linux kernel, the following vulnerability has been resolved:

scsi: qla2xxx: Fix for possible memory corruption

Init Control Block is dereferenced incorrectly. Correctly dereference ICB

References

https://git.kernel.org/stable/c/2a15b59a2c5afac89696e44acf5bbfc0599c6c5e

https://git.kernel.org/stable/c/571d7f2a08836698c2fb0d792236424575b9829b

https://git.kernel.org/stable/c/8192c533e89d9fb69b2490398939236b78cda79b

https://git.kernel.org/stable/c/87db8d7b7520e99de71791260989f06f9c94953d

https://git.kernel.org/stable/c/b0302ffc74123b6a99d7d1896fcd9b2e4072d9ce

https://git.kernel.org/stable/c/c03d740152f78e86945a75b2ad541bf972fab92a

https://git.kernel.org/stable/c/dae67169cb35a37ecccf60cfcd6bf93a1f4f5efb

https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html

https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

https://www.cve.org/CVERecord?id=CVE-2024-42288

CVSS Analysis

CVSS v3.1

5.5

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

LowAC:L

Privileges Required

LowPR:L

User Interaction

NoneUI:N

Scope

Scope

UnchangedS:U

Impact

Confidentiality

NoneC:N

Integrity

NoneI:N

Availability

HighA:H

5.5/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Ecosystems

Timeline

PublishedAug 17, 2024

ModifiedJan 5, 2026

CVE-2024-42288 | Mondoo Vulnerability Intelligence