{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2024-38619","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-06-18T19:36:34.945Z","datePublished":"2024-06-20T06:47:32.444Z","dateUpdated":"2025-11-03T21:55:50.508Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-05-04T09:15:26.343Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nusb-storage: alauda: Check whether the media is initialized\n\nThe member \"uzonesize\" of struct alauda_info will remain 0\nif alauda_init_media() fails, potentially causing divide errors\nin alauda_read_data() and alauda_write_lba().\n- Add a member \"media_initialized\" to struct alauda_info.\n- Change a condition in alauda_check_media() to ensure the\n  first initialization.\n- Add an error check for the return value of alauda_init_media()."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/usb/storage/alauda.c"],"versions":[{"version":"e80b0fade09ef1ee67b0898d480d4c588f124d5f","lessThan":"e0aab7b07a9375337847c9d74a5ec044071e01c8","status":"affected","versionType":"git"},{"version":"e80b0fade09ef1ee67b0898d480d4c588f124d5f","lessThan":"51fe16c058acb22f847e69bc598066ed0bcd5c15","status":"affected","versionType":"git"},{"version":"e80b0fade09ef1ee67b0898d480d4c588f124d5f","lessThan":"f68820f1256b21466ff094dd97f243b7e708f9c1","status":"affected","versionType":"git"},{"version":"e80b0fade09ef1ee67b0898d480d4c588f124d5f","lessThan":"3eee13ab67f65606faa66e0c3c729e4f514838fd","status":"affected","versionType":"git"},{"version":"e80b0fade09ef1ee67b0898d480d4c588f124d5f","lessThan":"e0e2eec76920a133dd49a4fbe4656d83596a1361","status":"affected","versionType":"git"},{"version":"e80b0fade09ef1ee67b0898d480d4c588f124d5f","lessThan":"2cc32639ec347e3365075b130f9953ef16cb13f1","status":"affected","versionType":"git"},{"version":"e80b0fade09ef1ee67b0898d480d4c588f124d5f","lessThan":"24bff7f714bdff97c2a75a0ff6a368cdf8ad5af4","status":"affected","versionType":"git"},{"version":"e80b0fade09ef1ee67b0898d480d4c588f124d5f","lessThan":"16637fea001ab3c8df528a8995b3211906165a30","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/usb/storage/alauda.c"],"versions":[{"version":"2.6.16","status":"affected"},{"version":"0","lessThan":"2.6.16","status":"unaffected","versionType":"semver"},{"version":"4.19.317","lessThanOrEqual":"4.19.*","status":"unaffected","versionType":"semver"},{"version":"5.4.279","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.221","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.162","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.95","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.35","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.9.6","lessThanOrEqual":"6.9.*","status":"unaffected","versionType":"semver"},{"version":"6.10","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.16","versionEndExcluding":"4.19.317"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.16","versionEndExcluding":"5.4.279"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.16","versionEndExcluding":"5.10.221"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.16","versionEndExcluding":"5.15.162"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.16","versionEndExcluding":"6.1.95"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.16","versionEndExcluding":"6.6.35"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.16","versionEndExcluding":"6.9.6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.16","versionEndExcluding":"6.10"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/e0aab7b07a9375337847c9d74a5ec044071e01c8"},{"url":"https://git.kernel.org/stable/c/51fe16c058acb22f847e69bc598066ed0bcd5c15"},{"url":"https://git.kernel.org/stable/c/f68820f1256b21466ff094dd97f243b7e708f9c1"},{"url":"https://git.kernel.org/stable/c/3eee13ab67f65606faa66e0c3c729e4f514838fd"},{"url":"https://git.kernel.org/stable/c/e0e2eec76920a133dd49a4fbe4656d83596a1361"},{"url":"https://git.kernel.org/stable/c/2cc32639ec347e3365075b130f9953ef16cb13f1"},{"url":"https://git.kernel.org/stable/c/24bff7f714bdff97c2a75a0ff6a368cdf8ad5af4"},{"url":"https://git.kernel.org/stable/c/16637fea001ab3c8df528a8995b3211906165a30"}],"title":"usb-storage: alauda: Check whether the media is initialized","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"title":"CVE Program Container","references":[{"url":"https://git.kernel.org/stable/c/e0aab7b07a9375337847c9d74a5ec044071e01c8","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/51fe16c058acb22f847e69bc598066ed0bcd5c15","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/f68820f1256b21466ff094dd97f243b7e708f9c1","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/3eee13ab67f65606faa66e0c3c729e4f514838fd","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/e0e2eec76920a133dd49a4fbe4656d83596a1361","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/2cc32639ec347e3365075b130f9953ef16cb13f1","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/24bff7f714bdff97c2a75a0ff6a368cdf8ad5af4","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/16637fea001ab3c8df528a8995b3211906165a30","tags":["x_transferred"]},{"url":"https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-03T21:55:50.508Z"}},{"metrics":[{"other":{"type":"ssvc","content":{"id":"CVE-2024-38619","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"version":"2.0.3","timestamp":"2024-09-10T17:11:41.791337Z"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-09-11T17:34:50.539Z"}}]}}