CVE-2024-36920

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> scsi: mpi3mr: Avoid memcpy field-spanning write WARNING<br /> <br /> When the "storcli2 show" command is executed for eHBA-9600, mpi3mr driver<br /> prints this WARNING message:<br /> <br /> memcpy: detected field-spanning write (size 128) of single field "bsg_reply_buf-&gt;reply_buf" at drivers/scsi/mpi3mr/mpi3mr_app.c:1658 (size 1)<br /> WARNING: CPU: 0 PID: 12760 at drivers/scsi/mpi3mr/mpi3mr_app.c:1658 mpi3mr_bsg_request+0x6b12/0x7f10 [mpi3mr]<br /> <br /> The cause of the WARN is 128 bytes memcpy to the 1 byte size array "__u8<br /> replay_buf[1]" in the struct mpi3mr_bsg_in_reply_buf. The array is intended<br /> to be a flexible length array, so the WARN is a false positive.<br /> <br /> To suppress the WARN, remove the constant number &amp;#39;1&amp;#39; from the array<br /> declaration and clarify that it has flexible length. Also, adjust the<br /> memory allocation size to match the change.