ГлавнаяУязвимости → CVE-2024-43877
7.1высокая

CVE-2024-43877

→ есть в БДУ: BDU:2025-01931 (на русском)
Описание (на английском; русское — в БДУ выше)

In the Linux kernel, the following vulnerability has been resolved: media: pci: ivtv: Add check for DMA map result In case DMA fails, 'dma->SG_length' is 0. This value is later used to access 'dma->SGarray[dma->SG_length - 1]', which will cause out of bounds access. Add check to return early on invalid value. Adjust warnings accordingly. Found by Linux Verification Center (linuxtesting.org) with SVACE.

Затрагиваемое ПО
Linux Linux kernel
CVSS
Балл7.1 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Источники
https://git.kernel.org/stable/c/24062aa7407091dee3e45a8e8037df437e848718https://git.kernel.org/stable/c/38f72c7e7c6b55614f9407555fd5ce9d019b0fa4https://git.kernel.org/stable/c/3d8fd92939e21ff0d45100ab208f8124af79402ahttps://git.kernel.org/stable/c/629913d6d79508b166c66e07e4857e20233d85a9https://git.kernel.org/stable/c/81d0664bed91a858c7b50c263954b59d65f1b414https://git.kernel.org/stable/c/c766065e8272085ea9c436414b7ddf1f12e7787bhttps://lists.debian.org/debian-lts-announce/2025/01/msg00001.html