{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-12T09:32:25.088","vulnerabilities":[{"cve":{"id":"CVE-2024-36920","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2024-05-30T16:15:15.303","lastModified":"2025-10-01T13:53:19.437","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: mpi3mr: Avoid memcpy field-spanning write WARNING\n\nWhen the \"storcli2 show\" command is executed for eHBA-9600, mpi3mr driver\nprints this WARNING message:\n\n  memcpy: detected field-spanning write (size 128) of single field \"bsg_reply_buf->reply_buf\" at drivers/scsi/mpi3mr/mpi3mr_app.c:1658 (size 1)\n  WARNING: CPU: 0 PID: 12760 at drivers/scsi/mpi3mr/mpi3mr_app.c:1658 mpi3mr_bsg_request+0x6b12/0x7f10 [mpi3mr]\n\nThe cause of the WARN is 128 bytes memcpy to the 1 byte size array \"__u8\nreplay_buf[1]\" in the struct mpi3mr_bsg_in_reply_buf. The array is intended\nto be a flexible length array, so the WARN is a false positive.\n\nTo suppress the WARN, remove the constant number '1' from the array\ndeclaration and clarify that it has flexible length. Also, adjust the\nmemory allocation size to match the change."},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: scsi: mpi3mr: evitar escritura de extensión de campos de memcpy ADVERTENCIA Cuando se ejecuta el comando \"storcli2 show\" para eHBA-9600, el controlador mpi3mr imprime este mensaje de ADVERTENCIA: memcpy: extensión de campos detectada escriba (tamaño 128) de un solo campo \"bsg_reply_buf->reply_buf\" en drivers/scsi/mpi3mr/mpi3mr_app.c:1658 (tamaño 1) ADVERTENCIA: CPU: 0 PID: 12760 en drivers/scsi/mpi3mr/mpi3mr_app.c:1658 mpi3mr_bsg_request+0x6b12/0x7f10 [mpi3mr] La causa de la ADVERTENCIA es 128 bytes de memoria en la matriz de tamaño de 1 byte \"__u8 replay_buf[1]\" en la estructura mpi3mr_bsg_in_reply_buf. La matriz está manipulada para ser una matriz de longitud flexible, por lo que WARN es un falso positivo. Para suprimir WARN, elimine el número constante '1' de la declaración de matriz y aclare que tiene una longitud flexible. Además, ajuste el tamaño de la asignación de memoria para que coincida con el cambio."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.14","versionEndExcluding":"6.1.91","matchCriteriaId":"9074C99F-2BFC-4672-B657-FB3F704129C0"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.31","matchCriteriaId":"CDDB1F69-36AC-41C1-9192-E7CCEF5FFC00"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.8.10","matchCriteriaId":"6A6B920C-8D8F-4130-86B4-AD334F4CF2E3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*","matchCriteriaId":"22BEDD49-2C6D-402D-9DBF-6646F6ECD10B"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/429846b4b6ce9853e0d803a2357bb2e55083adf0","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/4d2772324f43cf5674ac3dbe3f74a7e656396716","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/5f0266044dc611563539705bff0b3e1545fbb6aa","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f09318244c6cafd10aca741b9c01e0a2c362d43a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/429846b4b6ce9853e0d803a2357bb2e55083adf0","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/4d2772324f43cf5674ac3dbe3f74a7e656396716","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/5f0266044dc611563539705bff0b3e1545fbb6aa","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f09318244c6cafd10aca741b9c01e0a2c362d43a","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]}]}}]}