Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistLinuxCVELIST:CVE-2024-43877
HistoryAug 21, 2024 - 12:06 a.m.

CVE-2024-43877 media: pci: ivtv: Add check for DMA map result

2024-08-2100:06:29
Linux
www.cve.org
5
cve-2024-43877
media
pci
ivtv
dma
linux kernel
vulnerability
out of bounds access
linux verification center
svace

EPSS

0

Percentile

16.4%

JSON

In the Linux kernel, the following vulnerability has been resolved:

media: pci: ivtv: Add check for DMA map result

In case DMA fails, ‘dma->SG_length’ is 0. This value is later used to
access ‘dma->SGarray[dma->SG_length - 1]’, which will cause out of
bounds access.

Add check to return early on invalid value. Adjust warnings accordingly.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

CNA Affected

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/media/pci/ivtv/ivtv-udma.c",
      "drivers/media/pci/ivtv/ivtv-yuv.c",
      "drivers/media/pci/ivtv/ivtvfb.c"
    ],
    "versions": [
      {
        "version": "1932dc2f4cf6",
        "lessThan": "24062aa74070",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1932dc2f4cf6",
        "lessThan": "3d8fd92939e2",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1932dc2f4cf6",
        "lessThan": "c766065e8272",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1932dc2f4cf6",
        "lessThan": "629913d6d795",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/media/pci/ivtv/ivtv-udma.c",
      "drivers/media/pci/ivtv/ivtv-yuv.c",
      "drivers/media/pci/ivtv/ivtvfb.c"
    ],
    "versions": [
      {
        "version": "5.16",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "5.16",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.1.103",
        "lessThanOrEqual": "6.1.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.6.44",
        "lessThanOrEqual": "6.6.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.10.3",
        "lessThanOrEqual": "6.10.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.11",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Related

debiancve 1
ubuntucve 1
nvd 1
cve 1
osv 3
redhatcve 1
vulnrichment 1
nessus 2
debiancve
debiancve
CVE-2024-43877
2024-08-21 01:15:12
ubuntucve
ubuntucve
CVE-2024-43877
2024-08-21 00:00:00
nvd
nvd
CVE-2024-43877
2024-08-21 01:15:12
cve
cve
CVE-2024-43877
2024-08-21 01:15:12
osv
osv
CVE-2024-43877
2024-08-21 01:15:12
Security update for the Linux Kernel
2024-09-10 14:10:24
Security update for the Linux Kernel
2024-09-10 09:06:25
redhatcve
redhatcve
CVE-2024-43877
2024-08-21 19:40:29
vulnrichment
vulnrichment
CVE-2024-43877 media: pci: ivtv: Add check for DMA map result
2024-08-21 00:06:29
nessus
nessus
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:3194-1)
2024-09-11 00:00:00
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:3195-1)
2024-09-11 00:00:00

EPSS

0

Percentile

16.4%

JSON
Related for CVELIST:CVE-2024-43877
debiancve1ubuntucve1nvd1cve1osv3redhatcve1vulnrichment1nessus2