CVE-2024-38619
- Source
- https://cve.org/CVERecord?id=CVE-2024-38619
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-38619.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-38619
- Downstream
- Related
- Published
- 2024-06-20T06:47:32.444Z
- Modified
- 2026-06-18T03:56:59.440715942Z
- Summary
- usb-storage: alauda: Check whether the media is initialized
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
usb-storage: alauda: Check whether the media is initialized
The member "uzonesize" of struct alaudainfo will remain 0 if alaudainitmedia() fails, potentially causing divide errors in alaudareaddata() and alaudawritelba(). - Add a member "mediainitialized" to struct alaudainfo. - Change a condition in alaudacheckmedia() to ensure the first initialization. - Add an error check for the return value of alaudainit_media().
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/38xxx/CVE-2024-38619.json", "cna_assigner": "Linux" }- References
-
- https://cert-portal.siemens.com/productcert/html/ssa-265688.html
- https://cert-portal.siemens.com/productcert/html/ssa-355557.html
- https://cert-portal.siemens.com/productcert/html/ssa-613116.html
- https://git.kernel.org/stable/c/16637fea001ab3c8df528a8995b3211906165a30
- https://git.kernel.org/stable/c/24bff7f714bdff97c2a75a0ff6a368cdf8ad5af4
- https://git.kernel.org/stable/c/2cc32639ec347e3365075b130f9953ef16cb13f1
- https://git.kernel.org/stable/c/3eee13ab67f65606faa66e0c3c729e4f514838fd
- https://git.kernel.org/stable/c/51fe16c058acb22f847e69bc598066ed0bcd5c15
- https://git.kernel.org/stable/c/e0aab7b07a9375337847c9d74a5ec044071e01c8
- https://git.kernel.org/stable/c/e0e2eec76920a133dd49a4fbe4656d83596a1361
- https://git.kernel.org/stable/c/f68820f1256b21466ff094dd97f243b7e708f9c1
- https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/38xxx/CVE-2024-38619.json
- https://nvd.nist.gov/vuln/detail/CVE-2024-38619
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducede80b0fade09ef1ee67b0898d480d4c588f124d5fFixede0aab7b07a9375337847c9d74a5ec044071e01c8Fixed51fe16c058acb22f847e69bc598066ed0bcd5c15Fixedf68820f1256b21466ff094dd97f243b7e708f9c1Fixed3eee13ab67f65606faa66e0c3c729e4f514838fdFixede0e2eec76920a133dd49a4fbe4656d83596a1361Fixed2cc32639ec347e3365075b130f9953ef16cb13f1Fixed24bff7f714bdff97c2a75a0ff6a368cdf8ad5af4Fixed16637fea001ab3c8df528a8995b3211906165a30
Linux / Kernel
Package
- Name
- Kernel
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced2.6.16Fixed4.19.317
- Type
- ECOSYSTEM
- Events
-
Introduced4.20.0Fixed5.4.279
- Type
- ECOSYSTEM
- Events
-
Introduced5.5.0Fixed5.10.221
- Type
- ECOSYSTEM
- Events
-
Introduced5.11.0Fixed5.15.162
- Type
- ECOSYSTEM
- Events
-
Introduced5.16.0Fixed6.1.95
- Type
- ECOSYSTEM
- Events
-
Introduced6.2.0Fixed6.6.35
- Type
- ECOSYSTEM
- Events
-
Introduced6.7.0Fixed6.9.6