CVE-2024-50026

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-50026
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-50026.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-50026
Downstream
Related
Published
2024-10-21T19:39:30.495Z
Modified
2026-05-28T03:54:31.863458507Z
Summary
scsi: wd33c93: Don't use stale scsi_pointer value
Details

In the Linux kernel, the following vulnerability has been resolved:

scsi: wd33c93: Don't use stale scsi_pointer value

A regression was introduced with commit dbb2da557a6a ("scsi: wd33c93: Move the SCSI pointer to private command data") which results in an oops in wd33c93intr(). That commit added the scsipointer variable and initialized it from hostdata->connected. However, during selection, hostdata->connected is not yet valid. Fix this by getting the current scsi_pointer from hostdata->selecting.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/50xxx/CVE-2024-50026.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
dbb2da557a6a87c88bbb4b1fef037091b57f701b
Fixed
3afeceda855dea9b85cddd96307d4d17c8742005
Fixed
e04642a207f1d2ae28a08624c04c67f5681f3451
Fixed
b60ff1a95c7c386cdd6153de3d7d85edaeabd800
Fixed
9023ed8d91eb1fcc93e64dc4962f7412b1c4cbec

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-50026.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.18.0
Fixed
6.1.113
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.57
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.11.4

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-50026.json"