CVE-2024-47682

7.8 HIGH

📋 TL;DR

This CVE describes an off-by-one buffer overflow in the Linux kernel's SCSI subsystem. When a device returns the relevant SCSI page with a length of 8 bytes, sd_read_block_characteristics() may read memory just past the end of the buffer that holds the page, potentially leading to kernel crashes or local privilege escalation. This affects Linux systems using SCSI storage devices, particularly in virtualized environments such as QEMU.
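The boundary condition described above, modelled in plain C as an added example written for this page (it is not the kernel's sd.c and not code from the CVE record): a parser that reads the zoned field at byte 8 of the page needs at least 9 bytes of data, so a guard that only rejects lengths below 8 lets an 8-byte page through and the read lands one byte past the end. The page layout used here (rotation rate at bytes 4 and 5, zoned field in byte 8) follows the SBC Block Device Characteristics page and is an assumption of the example; the sample pages are constructed, not captured from a device.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Illustrative model of the length guard in sd_read_block_characteristics().
 * Assumed page layout (SBC Block Device Characteristics VPD page):
 *   bytes 4..5  medium rotation rate, big-endian
 *   byte  8     zoned field in bits 5:4
 * `len` is the number of data bytes the device actually returned.
 */
#define OFF_ROTATION 4
#define OFF_ZONED    8

/* Reading byte N requires N + 1 bytes; byte 8 is the highest offset we touch. */
#define HIGHEST_OFFSET_READ OFF_ZONED
#define MIN_PAGE_LEN (HIGHEST_OFFSET_READ + 1)

struct block_chars {
    uint16_t rotation_rate;
    uint8_t  zoned;
};

static uint16_t get_be16(const uint8_t *p)
{
    return (uint16_t)((p[0] << 8) | p[1]);
}

/* Defective guard: it only demands 8 bytes, yet the parser reads byte 8. */
bool old_guard_admits(size_t len)
{
    return len >= 8;            /* i.e. rejects only len < 8 */
}

/* Corrected guard: every byte the parser touches must lie inside the page. */
bool new_guard_admits(size_t len)
{
    return len >= MIN_PAGE_LEN; /* i.e. rejects len <= 8 */
}

/* True when the old guard would let the parser read past the end of the page. */
bool old_guard_reads_out_of_bounds(size_t len)
{
    return old_guard_admits(len) && (size_t)HIGHEST_OFFSET_READ >= len;
}

/*
 * Hardened parser: returns 0 on success, -1 when the page is too short to
 * hold every field read below, so no access beyond `len` can occur.
 */
int parse_block_chars(const uint8_t *page, size_t len, struct block_chars *out)
{
    if (page == NULL || out == NULL || !new_guard_admits(len))
        return -1;
    out->rotation_rate = get_be16(&page[OFF_ROTATION]);
    out->zoned = (page[OFF_ZONED] >> 4) & 3;
    return 0;
}

/* Constructed sample pages (not captured from a real device). */
static const uint8_t sample_len8[8] = { 0x00, 0xb1, 0x00, 0x04, 0x00, 0x01, 0x00, 0x00 };
/* 9-byte page: rotation rate 0x1c20 = 7200, zoned field = 1 in byte 8. */
static const uint8_t sample_len9[9] = { 0x00, 0xb1, 0x00, 0x05, 0x1c, 0x20, 0x00, 0x00, 0x10 };

int parse_sample_len8(struct block_chars *out)
{
    return parse_block_chars(sample_len8, sizeof sample_len8, out);
}

int parse_sample_len9(struct block_chars *out)
{
    return parse_block_chars(sample_len9, sizeof sample_len9, out);
}

int main(void)
{
    struct block_chars bc;

    printf("len 8: old guard reads past the end? %s\n",
           old_guard_reads_out_of_bounds(8) ? "yes" : "no");
    printf("len 8: hardened parse -> %d\n", parse_sample_len8(&bc));
    if (parse_sample_len9(&bc) == 0)
        printf("len 9: rotation=%u zoned=%u\n", bc.rotation_rate, bc.zoned);
    return 0;
}
```

The fix is the single comparison in `new_guard_admits()`: a length check must be derived from the highest offset the parser reads (`MIN_PAGE_LEN`), not from a number that merely looks like the page's nominal size. Tying the guard to `HIGHEST_OFFSET_READ` also means that adding a field at a later offset forces the guard to move with it.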

💻 Affected Systems

Products:
  • Linux kernel
Versions: Specific affected versions are not stated; the referenced commits indicate that multiple stable branches are affected
Operating Systems: Linux distributions using vulnerable kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Requires use of the SCSI storage subsystem; QEMU v2.x virtual SCSI devices are known to return the triggering page length. Physical SCSI devices can also trigger the bug if they return a page of that length.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...


⚠️ Risk & Real-World Impact

🔴 Worst Case

Local privilege escalation to root, kernel panic leading to denial of service, or potential arbitrary code execution in kernel context.

🟠 Likely Case

Kernel panic causing a system crash or reboot when a specific SCSI device is accessed, particularly in virtualized environments.

🟢 If Mitigated

The system remains stable as long as no SCSI device returns the response that triggers the vulnerable code path.

🌐 Internet-Facing: LOW - This is a local kernel vulnerability requiring access to SCSI subsystem, not directly exploitable over network.
🏢 Internal Only: MEDIUM - Requires local access or ability to present malicious SCSI devices, but could be exploited by authenticated users or via virtualized storage.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires ability to present malicious SCSI device responses, which could be achieved through virtualized storage or compromised hardware. Exploitation requires specific conditions to trigger the vulnerable code path.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Patches available in kernel stable trees (commits referenced in CVE)

Vendor Advisory: https://git.kernel.org/stable/c/413df704f149dec585df07466d2401bbd1f490a0

Restart Required: Yes

Instructions:

1. Update the Linux kernel to a patched version from your distribution's repositories.
2. For custom kernels, apply the patches from the kernel.org stable trees.
3. Reboot the system to load the new kernel.

🔧 Temporary Workarounds

Disable SCSI zoned block device support (platform: linux)

Prevent the vulnerable code path by disabling the zoned block device feature if it is not required:

  echo 0 > /sys/module/sd_mod/parameters/zoned

Confirm that this parameter actually exists under /sys/module/sd_mod/parameters/ on your kernel before relying on this workaround; if it is absent, the write fails and nothing is changed.

Avoid vulnerable QEMU versions (platform: linux)

Use QEMU versions that do not return the page length that triggers the bug.

🧯 If You Can't Patch

  • Restrict access to SCSI devices to trusted users only
  • Monitor for kernel panic/crash events related to SCSI operations

🔍 How to Verify

Check if Vulnerable:

Check the kernel version and whether SCSI storage is in use; a system is vulnerable if it runs an affected kernel with SCSI devices attached.

Check Version:

uname -r

Verify Fix Applied:

Verify that the running kernel includes the patch commits (i.e. it is at or beyond the patched release for your stable branch), and check dmesg for SCSI-related errors after patching.

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages
  • SCSI error logs
  • Out of bounds memory access warnings in kernel logs

Network Indicators:

  • Not applicable - local vulnerability

SIEM Query:

source="kernel" AND ("panic" OR "Oops" OR "general protection fault") AND ("scsi" OR "sd_read_block")
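The SIEM query above, applied line by line to a few constructed dmesg-style lines, as an added example written for this page (not part of the original page and not from any vendor or SIEM product): matches_page_query() implements the query's boolean logic exactly, and matches_extended_query() goes one step beyond it by also catching the sanitizer-style "out-of-bounds" reports that the Log Indicators list mentions, which name the function but contain none of the three crash words. The sample lines are constructed; the KASAN, Oops and RIP line shapes follow the kernel's usual formats but were not captured from a real system.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Case-insensitive substring test; strcasestr() is not part of standard C. */
static bool contains_ci(const char *hay, const char *needle)
{
    size_t n = strlen(needle);
    if (n == 0)
        return true;
    for (; *hay; hay++) {
        size_t i = 0;
        while (i < n && hay[i] &&
               tolower((unsigned char)hay[i]) == tolower((unsigned char)needle[i]))
            i++;
        if (i == n)
            return true;
    }
    return false;
}

/* The page's SIEM query as a predicate over one kernel log line:
 * ("panic" OR "Oops" OR "general protection fault") AND ("scsi" OR "sd_read_block") */
bool matches_page_query(const char *line)
{
    bool fault = contains_ci(line, "panic") || contains_ci(line, "Oops") ||
                 contains_ci(line, "general protection fault");
    bool scsi  = contains_ci(line, "scsi") || contains_ci(line, "sd_read_block");
    return fault && scsi;
}

/* Wider predicate: additionally selects sanitizer out-of-bounds reports that
 * name the SCSI code but never use the words panic / Oops / GPF. */
bool matches_extended_query(const char *line)
{
    bool oob  = contains_ci(line, "out-of-bounds") || contains_ci(line, "out of bounds");
    bool scsi = contains_ci(line, "scsi") || contains_ci(line, "sd_read_block");
    return matches_page_query(line) || (oob && scsi);
}

/* Constructed sample lines in dmesg style (not captured from a real host). */
static const char *sample_lines[] = {
    "[   12.345678] sd 0:0:0:0: [sda] Attached SCSI disk",
    "[   40.000001] Kernel panic - not syncing: Fatal exception in scsi_probe",
    "[   41.000002] BUG: KASAN: slab-out-of-bounds in sd_read_block_characteristics+0x1c0/0x2a0",
    "[   42.000003] Oops: 0000 [#1] SMP",
    "[   42.000004] RIP: 0010:sd_read_block_characteristics+0x1c0/0x2a0",
};
#define N_SAMPLES (sizeof sample_lines / sizeof sample_lines[0])

/* Number of sample lines selected by a predicate. */
int count_matches(bool (*pred)(const char *))
{
    int hits = 0;
    for (size_t i = 0; i < N_SAMPLES; i++)
        if (pred(sample_lines[i]))
            hits++;
    return hits;
}

int main(void)
{
    printf("page query matches:     %d of %zu lines\n",
           count_matches(matches_page_query), N_SAMPLES);
    printf("extended query matches: %d of %zu lines\n",
           count_matches(matches_extended_query), N_SAMPLES);
    return 0;
}
```

Two things the sample shows. The KASAN line is the most direct indicator for this bug class and the page's query misses it, which is why the extended predicate adds the out-of-bounds terms. The last two lines belong to one Oops report, but the word "Oops" and the function name sit on different lines, so a per-line AND matches neither; in a real SIEM, collapse a kernel report into one event (or correlate within a short time window) before applying the query.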
