一、 漏洞 CVE-2024-49973 基础信息
漏洞标题
r8169驱动存在安全漏洞
来源:AIGC 神龙大模型
漏洞描述信息
在Linux内核中,已修复以下漏洞: r8169:添加RTL8125新增的计数器字段 RTL8125向计数器添加了新的字段,这可能导致芯片将这些新字段DMA到未分配的内存中。因此,确保分配的内存区域足够大,能够容纳所有的计数器值,即使我们只使用其中的一部分。
来源:AIGC 神龙大模型
CVSS信息
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
来源:AIGC 神龙大模型
漏洞类别
不加限制或调节的资源分配
来源:AIGC 神龙大模型
漏洞标题
r8169: add tally counter fields added with RTL8125
来源:美国国家漏洞数据库 NVD
漏洞描述信息
In the Linux kernel, the following vulnerability has been resolved: r8169: add tally counter fields added with RTL8125 RTL8125 added fields to the tally counter, what may result in the chip dma'ing these new fields to unallocated memory. Therefore make sure that the allocated memory area is big enough to hold all of the tally counter values, even if we use only parts of it.
来源:美国国家漏洞数据库 NVD
CVSS信息
N/A
来源:美国国家漏洞数据库 NVD
漏洞类别
N/A
来源:美国国家漏洞数据库 NVD
漏洞标题
Linux kernel 安全漏洞
来源:中国国家信息安全漏洞库 CNNVD
漏洞描述信息
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于r8169驱动中对RTL8125新增的计数器字段处理不当。
来源:中国国家信息安全漏洞库 CNNVD
CVSS信息
N/A
来源:中国国家信息安全漏洞库 CNNVD
漏洞类别
其他
来源:中国国家信息安全漏洞库 CNNVD
二、漏洞 CVE-2024-49973 的公开POC
# POC 描述 源链接 神龙链接
三、漏洞 CVE-2024-49973 的情报信息

  • 标题: r8169: add tally counter fields added with RTL8125 - kernel/git/stable/linux.git - Linux kernel stable tree -- 🔗来源链接

    标签:

    神龙速读
    r8169: add tally counter fields added with RTL8125 - kernel/git/stable/linux.git - Linux kernel stable tree

  • 标题: r8169: add tally counter fields added with RTL8125 - kernel/git/stable/linux.git - Linux kernel stable tree -- 🔗来源链接

    标签:

    神龙速读
    r8169: add tally counter fields added with RTL8125 - kernel/git/stable/linux.git - Linux kernel stable tree

  • 标题: r8169: add tally counter fields added with RTL8125 - kernel/git/stable/linux.git - Linux kernel stable tree -- 🔗来源链接

    标签:

    神龙速读
    r8169: add tally counter fields added with RTL8125 - kernel/git/stable/linux.git - Linux kernel stable tree

  • 标题: r8169: add tally counter fields added with RTL8125 - kernel/git/stable/linux.git - Linux kernel stable tree -- 🔗来源链接

    标签:

    神龙速读
    r8169: add tally counter fields added with RTL8125 - kernel/git/stable/linux.git - Linux kernel stable tree

  • 标题: r8169: add tally counter fields added with RTL8125 - kernel/git/stable/linux.git - Linux kernel stable tree -- 🔗来源链接

    标签:

    神龙速读
    r8169: add tally counter fields added with RTL8125 - kernel/git/stable/linux.git - Linux kernel stable tree

  • 标题: r8169: add tally counter fields added with RTL8125 - kernel/git/stable/linux.git - Linux kernel stable tree -- 🔗来源链接

    标签:

    神龙速读
    r8169: add tally counter fields added with RTL8125 - kernel/git/stable/linux.git - Linux kernel stable tree

  • 标题: r8169: add tally counter fields added with RTL8125 - kernel/git/stable/linux.git - Linux kernel stable tree -- 🔗来源链接

    标签:

    神龙速读
    r8169: add tally counter fields added with RTL8125 - kernel/git/stable/linux.git - Linux kernel stable tree

  • 标题: r8169: add tally counter fields added with RTL8125 - kernel/git/stable/linux.git - Linux kernel stable tree -- 🔗来源链接

    标签:

    神龙速读
    r8169: add tally counter fields added with RTL8125 - kernel/git/stable/linux.git - Linux kernel stable tree
  • https://nvd.nist.gov/vuln/detail/CVE-2024-49973