CVE-2024-36920

memcpy: detected field-spanning write (size 128) of single field "bsgreplybuf->replybuf" at drivers/scsi/mpi3mr/mpi3mrapp.c:1658 (size 1) WARNING: CPU: 0 PID: 12760 at drivers/scsi/mpi3mr/mpi3mrapp.c:1658 mpi3mrbsg_request+0x6b12/0x7f10 [mpi3mr]

The cause of the WARN is 128 bytes memcpy to the 1 byte size array "_u8 replaybuf[1]" in the struct mpi3mrbsginreplybuf. The array is intended to be a flexible length array, so the WARN is a false positive.

To suppress the WARN, remove the constant number '1' from the array declaration and clarify that it has flexible length. Also, adjust the memory allocation size to match the change.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

c4f7ac64616ee513f9ac4ae6c4d8c3cccb6974df

Fixed

5f0266044dc611563539705bff0b3e1545fbb6aa

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

c4f7ac64616ee513f9ac4ae6c4d8c3cccb6974df

Fixed

f09318244c6cafd10aca741b9c01e0a2c362d43a

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

c4f7ac64616ee513f9ac4ae6c4d8c3cccb6974df

Fixed

4d2772324f43cf5674ac3dbe3f74a7e656396716

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

c4f7ac64616ee513f9ac4ae6c4d8c3cccb6974df

Fixed

429846b4b6ce9853e0d803a2357bb2e55083adf0

Affected versions

v5.*

v5.13

v5.13-rc2

v5.13-rc3

v5.13-rc4

v5.13-rc5

v5.13-rc6

v5.13-rc7

v5.14

v5.14-rc1

v5.14-rc2

v5.14-rc3

v5.14-rc4

v5.14-rc5

v5.14-rc6

v5.14-rc7

v5.15

v5.15-rc1

v5.15-rc2

v5.15-rc3

v5.15-rc4

v5.15-rc5

v5.15-rc6

v5.15-rc7

v5.16

v5.16-rc1

v5.16-rc2

v5.16-rc3

v5.16-rc4

v5.16-rc5

v5.16-rc6

v5.16-rc7

v5.16-rc8

v5.17

v5.17-rc1

v5.17-rc2

v5.17-rc3

v5.17-rc4

v5.17-rc5

v5.17-rc6

v5.17-rc7

v5.17-rc8

v5.18

v5.18-rc1

v5.18-rc2

v5.18-rc3

v5.18-rc4

v5.18-rc5

v5.18-rc6

v5.18-rc7

v5.19

v5.19-rc1

v5.19-rc2

v5.19-rc3

v5.19-rc4

v5.19-rc5

v5.19-rc6

v5.19-rc7

v5.19-rc8

v6.*

v6.0

v6.0-rc1

v6.0-rc2

v6.0-rc3

v6.0-rc4

v6.0-rc5

v6.0-rc6

v6.0-rc7

v6.1

v6.1-rc1

v6.1-rc2

v6.1-rc3

v6.1-rc4

v6.1-rc5

v6.1-rc6

v6.1-rc7

v6.1-rc8

v6.1.1

v6.1.10

v6.1.11

v6.1.12

v6.1.13

v6.1.14

v6.1.15

v6.1.16

v6.1.17

v6.1.18

v6.1.19

v6.1.2

v6.1.20

v6.1.21

v6.1.22

v6.1.23

v6.1.24

v6.1.25

v6.1.26

v6.1.27

v6.1.28

v6.1.29

v6.1.3

v6.1.30

v6.1.31

v6.1.32

v6.1.33

v6.1.34

v6.1.35

v6.1.36

v6.1.37

v6.1.38

v6.1.39

v6.1.4

v6.1.40

v6.1.41

v6.1.42

v6.1.43

v6.1.44

v6.1.45

v6.1.46

v6.1.47

v6.1.48

v6.1.49

v6.1.5

v6.1.50

v6.1.51

v6.1.52

v6.1.53

v6.1.54

v6.1.55

v6.1.56

v6.1.57

v6.1.58

v6.1.59

v6.1.6

v6.1.60

v6.1.61

v6.1.62

v6.1.63

v6.1.64

v6.1.65

v6.1.66

v6.1.67

v6.1.68

v6.1.69

v6.1.7

v6.1.70

v6.1.71

v6.1.72

v6.1.73

v6.1.74

v6.1.75

v6.1.76

v6.1.77

v6.1.78

v6.1.79

v6.1.8

v6.1.80

v6.1.81

v6.1.82

v6.1.83

v6.1.84

v6.1.85

v6.1.86

v6.1.87

v6.1.88

v6.1.89

v6.1.9

v6.1.90

v6.2

v6.2-rc1

v6.2-rc2

v6.2-rc3

v6.2-rc4

v6.2-rc5

v6.2-rc6

v6.2-rc7

v6.2-rc8

v6.3

v6.3-rc1

v6.3-rc2

v6.3-rc3

v6.3-rc4

v6.3-rc5

v6.3-rc6

v6.3-rc7

v6.4

v6.4-rc1

v6.4-rc2

v6.4-rc3

v6.4-rc4

v6.4-rc5

v6.4-rc6

v6.4-rc7

v6.5

v6.5-rc1

v6.5-rc2

v6.5-rc3

v6.5-rc4

v6.5-rc5

v6.5-rc6

v6.5-rc7

v6.6

v6.6-rc1

v6.6-rc2

v6.6-rc3

v6.6-rc4

v6.6-rc5

v6.6-rc6

v6.6-rc7

v6.6.1

v6.6.10

v6.6.11

v6.6.12

v6.6.13

v6.6.14

v6.6.15

v6.6.16

v6.6.17

v6.6.18

v6.6.19

v6.6.2

v6.6.20

v6.6.21

v6.6.22

v6.6.23

v6.6.24

v6.6.25

v6.6.26

v6.6.27

v6.6.28

v6.6.29

v6.6.3

v6.6.30

v6.6.4

v6.6.5

v6.6.6

v6.6.7

v6.6.8

v6.6.9

v6.7

v6.7-rc1

v6.7-rc2

v6.7-rc3

v6.7-rc4

v6.7-rc5

v6.7-rc6

v6.7-rc7

v6.7-rc8

v6.8

v6.8-rc1

v6.8-rc2

v6.8-rc3

v6.8-rc4

v6.8-rc5

v6.8-rc6

v6.8-rc7

v6.8.1

v6.8.2

v6.8.3

v6.8.4

v6.8.5

v6.8.6

v6.8.7

v6.8.8

v6.8.9

v6.9-rc1

Database specific

vanir_signatures

[
    {
        "signature_type": "Function",
        "id": "CVE-2024-36920-0c993254",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f09318244c6cafd10aca741b9c01e0a2c362d43a",
        "signature_version": "v1",
        "target": {
            "function": "mpi3mr_bsg_process_mpt_cmds",
            "file": "drivers/scsi/mpi3mr/mpi3mr_app.c"
        },
        "digest": {
            "function_hash": "293453829915905586810073817671293286676",
            "length": 11253.0
        },
        "deprecated": false
    },
    {
        "signature_type": "Function",
        "id": "CVE-2024-36920-21a36968",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4d2772324f43cf5674ac3dbe3f74a7e656396716",
        "signature_version": "v1",
        "target": {
            "function": "mpi3mr_bsg_process_mpt_cmds",
            "file": "drivers/scsi/mpi3mr/mpi3mr_app.c"
        },
        "digest": {
            "function_hash": "261265001816911155169519989826585994645",
            "length": 12634.0
        },
        "deprecated": false
    },
    {
        "signature_type": "Line",
        "id": "CVE-2024-36920-3b27886a",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f09318244c6cafd10aca741b9c01e0a2c362d43a",
        "signature_version": "v1",
        "target": {
            "file": "drivers/scsi/mpi3mr/mpi3mr_app.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "188907995007292714330879446429895332379",
                "28660054659361153261615285911310330394",
                "98956436018142948930608588401574229418",
                "32548739152296959782015506416483625643"
            ]
        },
        "deprecated": false
    },
    {
        "signature_type": "Function",
        "id": "CVE-2024-36920-488f2e6d",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@429846b4b6ce9853e0d803a2357bb2e55083adf0",
        "signature_version": "v1",
        "target": {
            "function": "mpi3mr_bsg_process_mpt_cmds",
            "file": "drivers/scsi/mpi3mr/mpi3mr_app.c"
        },
        "digest": {
            "function_hash": "261265001816911155169519989826585994645",
            "length": 12634.0
        },
        "deprecated": false
    },
    {
        "signature_type": "Line",
        "id": "CVE-2024-36920-6340b565",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5f0266044dc611563539705bff0b3e1545fbb6aa",
        "signature_version": "v1",
        "target": {
            "file": "drivers/scsi/mpi3mr/mpi3mr_app.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "188907995007292714330879446429895332379",
                "28660054659361153261615285911310330394",
                "98956436018142948930608588401574229418",
                "32548739152296959782015506416483625643"
            ]
        },
        "deprecated": false
    },
    {
        "signature_type": "Line",
        "id": "CVE-2024-36920-7cd51ccf",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f09318244c6cafd10aca741b9c01e0a2c362d43a",
        "signature_version": "v1",
        "target": {
            "file": "include/uapi/scsi/scsi_bsg_mpi3mr.h"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "149702816995683853108620686572014689049",
                "207613560510058207459899689150939843549",
                "291694449306403875223362436902353361939",
                "231421485681236880092670687585575722194"
            ]
        },
        "deprecated": false
    },
    {
        "signature_type": "Line",
        "id": "CVE-2024-36920-82a473db",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4d2772324f43cf5674ac3dbe3f74a7e656396716",
        "signature_version": "v1",
        "target": {
            "file": "drivers/scsi/mpi3mr/mpi3mr_app.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "188907995007292714330879446429895332379",
                "28660054659361153261615285911310330394",
                "98956436018142948930608588401574229418",
                "32548739152296959782015506416483625643"
            ]
        },
        "deprecated": false
    },
    {
        "signature_type": "Line",
        "id": "CVE-2024-36920-a80a3c97",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4d2772324f43cf5674ac3dbe3f74a7e656396716",
        "signature_version": "v1",
        "target": {
            "file": "include/uapi/scsi/scsi_bsg_mpi3mr.h"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "149702816995683853108620686572014689049",
                "207613560510058207459899689150939843549",
                "291694449306403875223362436902353361939",
                "231421485681236880092670687585575722194"
            ]
        },
        "deprecated": false
    },
    {
        "signature_type": "Line",
        "id": "CVE-2024-36920-b6b70bf0",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@429846b4b6ce9853e0d803a2357bb2e55083adf0",
        "signature_version": "v1",
        "target": {
            "file": "drivers/scsi/mpi3mr/mpi3mr_app.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "188907995007292714330879446429895332379",
                "28660054659361153261615285911310330394",
                "98956436018142948930608588401574229418",
                "32548739152296959782015506416483625643"
            ]
        },
        "deprecated": false
    },
    {
        "signature_type": "Line",
        "id": "CVE-2024-36920-bdd5fd0f",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5f0266044dc611563539705bff0b3e1545fbb6aa",
        "signature_version": "v1",
        "target": {
            "file": "include/uapi/scsi/scsi_bsg_mpi3mr.h"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "149702816995683853108620686572014689049",
                "207613560510058207459899689150939843549",
                "291694449306403875223362436902353361939",
                "231421485681236880092670687585575722194"
            ]
        },
        "deprecated": false
    },
    {
        "signature_type": "Function",
        "id": "CVE-2024-36920-c6d0bf6c",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5f0266044dc611563539705bff0b3e1545fbb6aa",
        "signature_version": "v1",
        "target": {
            "function": "mpi3mr_bsg_process_mpt_cmds",
            "file": "drivers/scsi/mpi3mr/mpi3mr_app.c"
        },
        "digest": {
            "function_hash": "293453829915905586810073817671293286676",
            "length": 11253.0
        },
        "deprecated": false
    },
    {
        "signature_type": "Line",
        "id": "CVE-2024-36920-fe116be5",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@429846b4b6ce9853e0d803a2357bb2e55083adf0",
        "signature_version": "v1",
        "target": {
            "file": "include/uapi/scsi/scsi_bsg_mpi3mr.h"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "149702816995683853108620686572014689049",
                "207613560510058207459899689150939843549",
                "291694449306403875223362436902353361939",
                "231421485681236880092670687585575722194"
            ]
        },
        "deprecated": false
    }
]

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

5.14.0

Fixed

6.1.91

Type: ECOSYSTEM
Events: Introduced

6.2.0

Fixed

6.6.31

Type: ECOSYSTEM
Events: Introduced

6.7.0

Fixed

6.8.10