Description
In the Linux kernel, the following vulnerability has been resolved: scsi: st: Fix array overflow in st_setup() Change the array size to follow parms size instead of a fixed value.
Product status
2bec708a88ce053ffcb0dd8e373d1e46c6dc38a4 (git) before 736ae988bfb5932c05625baff70fba224d547c08
2bec708a88ce053ffcb0dd8e373d1e46c6dc38a4 (git) before 574b399a7fb6ae71c97e26d122205c4a720c0e43
2bec708a88ce053ffcb0dd8e373d1e46c6dc38a4 (git) before c6015d0f7a2236ddb3928b2dfcb1c556a1368b55
2bec708a88ce053ffcb0dd8e373d1e46c6dc38a4 (git) before f746fe0c51e044d1248dc67918328bfb3d86b639
2bec708a88ce053ffcb0dd8e373d1e46c6dc38a4 (git) before e4d1ca0a84a6650d3172eb8c07ef2fbc585b0d96
2bec708a88ce053ffcb0dd8e373d1e46c6dc38a4 (git) before 7fe3b4deed8b93609058c37c9a11df1d2b2c0423
2bec708a88ce053ffcb0dd8e373d1e46c6dc38a4 (git) before e6b585d016c47ca8a37b92ea8a3fe35c0b585256
2bec708a88ce053ffcb0dd8e373d1e46c6dc38a4 (git) before ad4c3037dc77739a625246a2a0fb23b8f3402c06
2bec708a88ce053ffcb0dd8e373d1e46c6dc38a4 (git) before a018d1cf990d0c339fe0e29b762ea5dc10567d67
3.19
Any version before 3.19
5.4.293 (semver)
5.10.237 (semver)
5.15.181 (semver)
6.1.135 (semver)
6.6.88 (semver)
6.12.24 (semver)
6.13.12 (semver)
6.14.3 (semver)
6.15 (original_commit_for_fix)
References
lists.debian.org/debian-lts-announce/2025/05/msg00045.html
lists.debian.org/debian-lts-announce/2025/05/msg00030.html
git.kernel.org/...c/736ae988bfb5932c05625baff70fba224d547c08
git.kernel.org/...c/574b399a7fb6ae71c97e26d122205c4a720c0e43
git.kernel.org/...c/c6015d0f7a2236ddb3928b2dfcb1c556a1368b55
git.kernel.org/...c/f746fe0c51e044d1248dc67918328bfb3d86b639
git.kernel.org/...c/e4d1ca0a84a6650d3172eb8c07ef2fbc585b0d96
git.kernel.org/...c/7fe3b4deed8b93609058c37c9a11df1d2b2c0423
git.kernel.org/...c/e6b585d016c47ca8a37b92ea8a3fe35c0b585256
git.kernel.org/...c/ad4c3037dc77739a625246a2a0fb23b8f3402c06
git.kernel.org/...c/a018d1cf990d0c339fe0e29b762ea5dc10567d67