一、 漏洞 CVE-2024-58002 基础信息
漏洞标题
media: uvcvideo: 清除悬空指针
来源:AIGC 神龙大模型
漏洞描述信息
在Linux内核中,已修复以下漏洞: 媒体:uvcvideo:移除悬垂指针 当写入异步控制时,我们会复制一个指向启动该操作的文件句柄的指针。该指针将在设备完成操作时使用,这可能在未来任何时候。 如果用户关闭该文件描述符,其结构将会被释放,那么每个待处理的异步控制都会有一个悬垂指针,而驱动程序会尝试使用这些指针。 在release()期间清理所有悬垂指针。 为了避免在最常见的情况下(没有异步操作)增加性能开销,引入了一个计数器及相应的逻辑,以确保其能够被正确处理。
来源:AIGC 神龙大模型
CVSS信息
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
来源:AIGC 神龙大模型
漏洞类别
释放后使用
来源:AIGC 神龙大模型
漏洞标题
media: uvcvideo: Remove dangling pointers
来源:美国国家漏洞数据库 NVD
漏洞描述信息
In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Remove dangling pointers When an async control is written, we copy a pointer to the file handle that started the operation. That pointer will be used when the device is done. Which could be anytime in the future. If the user closes that file descriptor, its structure will be freed, and there will be one dangling pointer per pending async control, that the driver will try to use. Clean all the dangling pointers during release(). To avoid adding a performance penalty in the most common case (no async operation), a counter has been introduced with some logic to make sure that it is properly handled.
来源:美国国家漏洞数据库 NVD
CVSS信息
N/A
来源:美国国家漏洞数据库 NVD
漏洞类别
N/A
来源:美国国家漏洞数据库 NVD
二、漏洞 CVE-2024-58002 的公开POC
# POC 描述 源链接 神龙链接
三、漏洞 CVE-2024-58002 的情报信息

  • 标题: media: uvcvideo: Remove dangling pointers - kernel/git/stable/linux.git - Linux kernel stable tree -- 🔗来源链接

    标签:

    media: uvcvideo: Remove dangling pointers - kernel/git/stable/linux.git - Linux kernel stable tree

  • 标题: media: uvcvideo: Remove dangling pointers - kernel/git/stable/linux.git - Linux kernel stable tree -- 🔗来源链接

    标签:

    media: uvcvideo: Remove dangling pointers - kernel/git/stable/linux.git - Linux kernel stable tree

  • 标题: media: uvcvideo: Remove dangling pointers - kernel/git/stable/linux.git - Linux kernel stable tree -- 🔗来源链接

    标签:

    media: uvcvideo: Remove dangling pointers - kernel/git/stable/linux.git - Linux kernel stable tree

  • 标题: media: uvcvideo: Remove dangling pointers - kernel/git/stable/linux.git - Linux kernel stable tree -- 🔗来源链接

    标签:

    media: uvcvideo: Remove dangling pointers - kernel/git/stable/linux.git - Linux kernel stable tree

  • 标题: media: uvcvideo: Remove dangling pointers - kernel/git/stable/linux.git - Linux kernel stable tree -- 🔗来源链接

    标签:

    media: uvcvideo: Remove dangling pointers - kernel/git/stable/linux.git - Linux kernel stable tree
  • https://nvd.nist.gov/vuln/detail/CVE-2024-58002