
CVE-2024-43877

2024-08-21 01:15:12
Linux
web.nvd.nist.gov

Tags: linux kernel, media, pci, ivtv, dma, out of bounds access, linux verification center

AI Score: 6.6 (Confidence: Low)

EPSS: 0 (Percentile: 16.4%)

In the Linux kernel, the following vulnerability has been resolved:

media: pci: ivtv: Add check for DMA map result

In case DMA fails, ‘dma->SG_length’ is 0. This value is later used to
access ‘dma->SGarray[dma->SG_length - 1]’, which will cause out of
bounds access.

Add check to return early on invalid value. Adjust warnings accordingly.

Found by Linux Verification Center (linuxtesting.org) with SVACE.
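
The indexing problem described above, as an added user-space model (not the kernel driver's code and not the upstream patch). Only the names SG_length and SGarray come from the advisory; the struct layout, MODEL_SG_MAX, the flag value, the -EINVAL return and the model_* function names are assumptions made for illustration.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

#define MODEL_SG_MAX 4              /* constructed capacity, not the driver's */

/* Simplified model: only the names SG_length and SGarray come from the
 * advisory; the types, the flag value and the error code are assumptions. */
struct model_sg_element { uint32_t size; };
struct model_dma {
    int SG_length;                  /* entries mapped; 0 when the DMA map failed */
    struct model_sg_element SGarray[MODEL_SG_MAX];
};

/* Index the unchecked code computes for the "last" element.
 * With SG_length == 0 this is -1, i.e. one element before SGarray. */
static long model_last_index(const struct model_dma *dma)
{
    return (long)dma->SG_length - 1;
}

/* Checked variant: reject an invalid map result before indexing. */
static int model_tag_last_checked(struct model_dma *dma, int mapped)
{
    dma->SG_length = mapped;
    if (dma->SG_length <= 0 || dma->SG_length > MODEL_SG_MAX)
        return -EINVAL;             /* return early, SGarray is never touched */
    dma->SGarray[dma->SG_length - 1].size |= 0x80000000u; /* assumed flag */
    return 0;
}

int main(void)
{
    struct model_dma dma = { 0 };   /* constructed state: the map step failed */
    int rc;

    printf("unchecked index after failed map: %ld\n", model_last_index(&dma));
    rc = model_tag_last_checked(&dma, 0);
    printf("checked, mapped=0: %d\n", rc);
    rc = model_tag_last_checked(&dma, 3);
    printf("checked, mapped=3: %d, SGarray[2].size=0x%08x\n",
           rc, (unsigned)dma.SGarray[2].size);
    return 0;
}
```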

Affected configurations

Vulners node:
linux linux_kernel, range 5.16 - 6.1.103
OR
linux linux_kernel, range 6.2.0 - 6.6.44
OR
linux linux_kernel, range 6.7.0 - 6.10.3
OR
linux linux_kernel, range 6.11.0

Vendor: linux
Product: linux_kernel
Version: *
CPE: cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

CNA Affected

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/media/pci/ivtv/ivtv-udma.c",
      "drivers/media/pci/ivtv/ivtv-yuv.c",
      "drivers/media/pci/ivtv/ivtvfb.c"
    ],
    "versions": [
      {
        "version": "1932dc2f4cf6",
        "lessThan": "24062aa74070",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1932dc2f4cf6",
        "lessThan": "3d8fd92939e2",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1932dc2f4cf6",
        "lessThan": "c766065e8272",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1932dc2f4cf6",
        "lessThan": "629913d6d795",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/media/pci/ivtv/ivtv-udma.c",
      "drivers/media/pci/ivtv/ivtv-yuv.c",
      "drivers/media/pci/ivtv/ivtvfb.c"
    ],
    "versions": [
      {
        "version": "5.16",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "5.16",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.1.103",
        "lessThanOrEqual": "6.1.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.6.44",
        "lessThanOrEqual": "6.6.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.10.3",
        "lessThanOrEqual": "6.10.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.11",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]
