CVE-2024-50026

{"id": "CVE-2024-50026", "cveTags": [], "metrics": {}, "published": "2024-10-21T20:15:15.993", "references": [{"url": "https://git.kernel.org/stable/c/3afeceda855dea9b85cddd96307d4d17c8742005", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/9023ed8d91eb1fcc93e64dc4962f7412b1c4cbec", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/b60ff1a95c7c386cdd6153de3d7d85edaeabd800", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/e04642a207f1d2ae28a08624c04c67f5681f3451", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Received", "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: wd33c93: Don't use stale scsi_pointer value\n\nA regression was introduced with commit dbb2da557a6a (\"scsi: wd33c93:\nMove the SCSI pointer to private command data\") which results in an oops\nin wd33c93_intr(). That commit added the scsi_pointer variable and\ninitialized it from hostdata->connected. However, during selection,\nhostdata->connected is not yet valid. Fix this by getting the current\nscsi_pointer from hostdata->selecting."}], "lastModified": "2024-10-21T20:15:15.993", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}