CVE-2024-56769
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
06/01/2025
Last modified:
09/01/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
media: dvb-frontends: dib3000mb: fix uninit-value in dib3000_write_reg<br />
<br />
Syzbot reports [1] an uninitialized value issue found by KMSAN in<br />
dib3000_read_reg().<br />
<br />
Local u8 rb[2] is used in i2c_transfer() as a read buffer; in case<br />
that call fails, the buffer may end up with some undefined values.<br />
<br />
Since no elaborate error handling is expected in dib3000_write_reg(),<br />
simply zero out rb buffer to mitigate the problem.<br />
<br />
[1] Syzkaller report<br />
dvb-usb: bulk message failed: -22 (6/0)<br />
=====================================================<br />
BUG: KMSAN: uninit-value in dib3000mb_attach+0x2d8/0x3c0 drivers/media/dvb-frontends/dib3000mb.c:758<br />
dib3000mb_attach+0x2d8/0x3c0 drivers/media/dvb-frontends/dib3000mb.c:758<br />
dibusb_dib3000mb_frontend_attach+0x155/0x2f0 drivers/media/usb/dvb-usb/dibusb-mb.c:31<br />
dvb_usb_adapter_frontend_init+0xed/0x9a0 drivers/media/usb/dvb-usb/dvb-usb-dvb.c:290<br />
dvb_usb_adapter_init drivers/media/usb/dvb-usb/dvb-usb-init.c:90 [inline]<br />
dvb_usb_init drivers/media/usb/dvb-usb/dvb-usb-init.c:186 [inline]<br />
dvb_usb_device_init+0x25a8/0x3760 drivers/media/usb/dvb-usb/dvb-usb-init.c:310<br />
dibusb_probe+0x46/0x250 drivers/media/usb/dvb-usb/dibusb-mb.c:110<br />
...<br />
Local variable rb created at:<br />
dib3000_read_reg+0x86/0x4e0 drivers/media/dvb-frontends/dib3000mb.c:54<br />
dib3000mb_attach+0x123/0x3c0 drivers/media/dvb-frontends/dib3000mb.c:758<br />
...
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 2.6.19 (including) | 6.1.123 (excluding) |
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.2 (including) | 6.6.69 (excluding) |
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.7 (including) | 6.12.8 (excluding) |
cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:* | ||
cpe:2.3:o:linux:linux_kernel:6.13:rc2:*:*:*:*:*:* | ||
cpe:2.3:o:linux:linux_kernel:6.13:rc3:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/035772fcd631eee2756b31cb6df249c0a8d453d7
- https://git.kernel.org/stable/c/1d6de21f00293d819b5ca6dbe75ff1f3b6392140
- https://git.kernel.org/stable/c/2dd59fe0e19e1ab955259978082b62e5751924c7
- https://git.kernel.org/stable/c/3876e3a1c31a58a352c6bf5d2a90e3304445a637
- https://git.kernel.org/stable/c/53106510736e734ce8b731ba871363389bfbf4c9
- https://git.kernel.org/stable/c/c1197c1457bb7098cf46366e898eb52b41b6876a
- https://git.kernel.org/stable/c/e11778189513cd7fb2edced5bd053bc18ede8418