一、 漏洞 CVE-2024-53063 基础信息
漏洞标题
媒体组件存在空指针漏洞
来源:AIGC 神龙大模型
漏洞描述信息
在Linux内核中,已修复了以下漏洞: 媒体:dvbdev:防止内存溢出访问的风险 dvbdev包含一个用于存储dvb minors的静态变量。 其行为取决于是否设置了CONFIG_DVB_DYNAMIC_MINORS。如果没有设置,dvb_register_device()将不会检查边界,因为它依赖于之前调用的dvb_register_adapter()已经实现了边界检查。 类似地,dvb_device_open()假设注册函数已经完成了所需的检查。 如果某些设备使用了不同的调用方式,这可能会变得脆弱。这也将在静态检查分析工具(如Coverity)中生成警告。 因此,添加明确的保护措施以防止潜在的内存溢出问题。
来源:AIGC 神龙大模型
CVSS信息
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
来源:AIGC 神龙大模型
漏洞类别
不加限制或调节的资源分配
来源:AIGC 神龙大模型
漏洞标题
media: dvbdev: prevent the risk of out of memory access
来源:美国国家漏洞数据库 NVD
漏洞描述信息
In the Linux kernel, the following vulnerability has been resolved: media: dvbdev: prevent the risk of out of memory access The dvbdev contains a static variable used to store dvb minors. The behavior of it depends if CONFIG_DVB_DYNAMIC_MINORS is set or not. When not set, dvb_register_device() won't check for boundaries, as it will rely that a previous call to dvb_register_adapter() would already be enforcing it. On a similar way, dvb_device_open() uses the assumption that the register functions already did the needed checks. This can be fragile if some device ends using different calls. This also generate warnings on static check analysers like Coverity. So, add explicit guards to prevent potential risk of OOM issues.
来源:美国国家漏洞数据库 NVD
CVSS信息
N/A
来源:美国国家漏洞数据库 NVD
漏洞类别
N/A
来源:美国国家漏洞数据库 NVD
漏洞标题
Linux kernel 安全漏洞
来源:中国国家信息安全漏洞库 CNNVD
漏洞描述信息
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于允许越界访问内存。
来源:中国国家信息安全漏洞库 CNNVD
CVSS信息
N/A
来源:中国国家信息安全漏洞库 CNNVD
漏洞类别
其他
来源:中国国家信息安全漏洞库 CNNVD
二、漏洞 CVE-2024-53063 的公开POC
# POC 描述 源链接 神龙链接
三、漏洞 CVE-2024-53063 的情报信息

  • 标题: media: dvbdev: prevent the risk of out of memory access - kernel/git/stable/linux.git - Linux kernel stable tree -- 🔗来源链接

    标签:

    神龙速读
    media: dvbdev: prevent the risk of out of memory access - kernel/git/stable/linux.git - Linux kernel stable tree

  • 标题: media: dvbdev: prevent the risk of out of memory access - kernel/git/stable/linux.git - Linux kernel stable tree -- 🔗来源链接

    标签:

    神龙速读
    media: dvbdev: prevent the risk of out of memory access - kernel/git/stable/linux.git - Linux kernel stable tree

  • 标题: media: dvbdev: prevent the risk of out of memory access - kernel/git/stable/linux.git - Linux kernel stable tree -- 🔗来源链接

    标签:

    神龙速读
    media: dvbdev: prevent the risk of out of memory access - kernel/git/stable/linux.git - Linux kernel stable tree

  • 标题: media: dvbdev: prevent the risk of out of memory access - kernel/git/stable/linux.git - Linux kernel stable tree -- 🔗来源链接

    标签:

    神龙速读
    media: dvbdev: prevent the risk of out of memory access - kernel/git/stable/linux.git - Linux kernel stable tree

  • 标题: media: dvbdev: prevent the risk of out of memory access - kernel/git/stable/linux.git - Linux kernel stable tree -- 🔗来源链接

    标签:

    神龙速读
    media: dvbdev: prevent the risk of out of memory access - kernel/git/stable/linux.git - Linux kernel stable tree

  • 标题: media: dvbdev: prevent the risk of out of memory access - kernel/git/stable/linux.git - Linux kernel stable tree -- 🔗来源链接

    标签:

    神龙速读
    media: dvbdev: prevent the risk of out of memory access - kernel/git/stable/linux.git - Linux kernel stable tree

  • 标题: media: dvbdev: prevent the risk of out of memory access - kernel/git/stable/linux.git - Linux kernel stable tree -- 🔗来源链接

    标签:

    神龙速读
    media: dvbdev: prevent the risk of out of memory access - kernel/git/stable/linux.git - Linux kernel stable tree

  • 标题: media: dvbdev: prevent the risk of out of memory access - kernel/git/stable/linux.git - Linux kernel stable tree -- 🔗来源链接

    标签:

    神龙速读
    media: dvbdev: prevent the risk of out of memory access - kernel/git/stable/linux.git - Linux kernel stable tree
  • https://nvd.nist.gov/vuln/detail/CVE-2024-53063