From ba7004eb122a55d659be2a0c49cca06143928b7a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=BE=AE=E9=A3=8E?= Date: Sat, 28 Jun 2025 09:59:48 +0000 Subject: [PATCH 1/4] =?UTF-8?q?=E6=96=B0=E5=BB=BA=20CVE-2024-39831?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- vulntest/SSTSTestcases/2024/10/CVE-2024-39831/.keep | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 vulntest/SSTSTestcases/2024/10/CVE-2024-39831/.keep diff --git a/vulntest/SSTSTestcases/2024/10/CVE-2024-39831/.keep b/vulntest/SSTSTestcases/2024/10/CVE-2024-39831/.keep new file mode 100644 index 0000000..e69de29 -- Gitee From 63e81e5f619af73651c5c3a094738b58ebed34a8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=BE=AE=E9=A3=8E?= Date: Sat, 28 Jun 2025 10:01:14 +0000 Subject: [PATCH 2/4] =?UTF-8?q?=E5=88=A0=E9=99=A4=E6=96=87=E4=BB=B6=20vuln?= =?UTF-8?q?test/SSTSTestcases/2024/10/CVE-2024-39831/.keep?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- vulntest/SSTSTestcases/2024/10/CVE-2024-39831/.keep | 0 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 vulntest/SSTSTestcases/2024/10/CVE-2024-39831/.keep diff --git a/vulntest/SSTSTestcases/2024/10/CVE-2024-39831/.keep b/vulntest/SSTSTestcases/2024/10/CVE-2024-39831/.keep deleted file mode 100644 index e69de29..0000000 -- Gitee From 4ed67ac8805e3167fd9f8fb927ce5d5bdbccf5d3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=BE=AE=E9=A3=8E?= Date: Sat, 28 Jun 2025 10:05:07 +0000 Subject: [PATCH 3/4] =?UTF-8?q?=E6=96=B0=E5=BB=BA=20CVE-2024-39831?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- vulntest/SSTSTestcases/2024/10/CVE-2024-39831/.keep | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 vulntest/SSTSTestcases/2024/10/CVE-2024-39831/.keep diff --git a/vulntest/SSTSTestcases/2024/10/CVE-2024-39831/.keep b/vulntest/SSTSTestcases/2024/10/CVE-2024-39831/.keep new file mode 100644 index 0000000..e69de29 -- Gitee From ddb288a3da387fa31c0b3c67adb12233e73369a6 Mon Sep 17 00:00:00 2001 From: bingzhikang Date: Sat, 28 Jun 2025 18:14:27 +0800 Subject: [PATCH 4/4] commit msg Signed-off-by: bingzhikang --- .../2024/10/CVE-2024-39831/.keep | 0 .../TestCaseInfo-CVE-2024-39831.json | 118 ++++++++++++++++++ .../TestCaseInfo-CVE-2024-39831.yara | 32 +++++ 3 files changed, 150 insertions(+) delete mode 100644 vulntest/SSTSTestcases/2024/10/CVE-2024-39831/.keep create mode 100644 vulntest/SSTSTestcases/2024/10/CVE-2024-39831/TestCaseInfo-CVE-2024-39831.json create mode 100644 vulntest/SSTSTestcases/2024/10/CVE-2024-39831/TestCaseInfo-CVE-2024-39831.yara diff --git a/vulntest/SSTSTestcases/2024/10/CVE-2024-39831/.keep b/vulntest/SSTSTestcases/2024/10/CVE-2024-39831/.keep deleted file mode 100644 index e69de29..0000000 diff --git a/vulntest/SSTSTestcases/2024/10/CVE-2024-39831/TestCaseInfo-CVE-2024-39831.json b/vulntest/SSTSTestcases/2024/10/CVE-2024-39831/TestCaseInfo-CVE-2024-39831.json new file mode 100644 index 0000000..11d5f4b --- /dev/null +++ b/vulntest/SSTSTestcases/2024/10/CVE-2024-39831/TestCaseInfo-CVE-2024-39831.json @@ -0,0 +1,118 @@ +{ + "month": "2024-10", + "release_time": "", + "vulnerabilities": [ + { + "month": "2024-10", + "vul_id": { + "cve": "CVE-2024-39831", + "openharmony-sa": "" + }, + "severity": "low", + "vul_description": { + "zh": "访问控制模块释放后使用漏洞", + "en": "Use - After - Free Vulnerability in Access Control Module" + }, + "vul_impact": { + "zh": "本地攻击者取得高权限后可通过本漏洞造成任意代码执行", + "en": "Local attackers, after obtaining high - level privileges, can exploit this vulnerability to achieve arbitrary code execution." + }, + "disclosure": { + "zh": "https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-10.md", + "en": "https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-10.md" + }, + "patch_info": { + "4.1.x": { + "patch_url": [ + "https://gitee.com/openharmony/kernel_linux_5.10/pulls/1506" + ], + "patch_file": [ + "https://gitee.com/openharmony/kernel_linux_5.10/pulls/1506.patch" + ], + "diff_file": [ + "https://gitee.com/openharmony/kernel_linux_5.10/pulls/1506.diff" + ] + } + }, + "affected_projects": "Access Control Subsystem", + "object_type": "kernel_linux", + "affected_versions": [ + "4.1.0-4.1.1" + ], + "affected_device": { + "mini": { + "liteos": { + "rics-v": { + "scan_strategy": { + "ssts": { + "enable": false + }, + "ists": { + "enable": false + } + } + } + } + }, + "small": { + "liteos": { + "rics-v": { + "scan_strategy": { + "ssts": { + "enable": false + }, + "ists": { + "enable": false + } + } + } + }, + "linux": { + "arm": { + "scan_strategy": { + "ssts": { + "enable": false + }, + "ists": { + "enable": false + } + } + } + } + }, + "standard": { + "linux": { + "arm": { + "scan_strategy": { + "ssts": { + "enable": false + }, + "ists": { + "enable": true, + "yara": { + "affected_files": [ + "/dev/block/platform/fe310000.sdhci/by-name/boot_linux" + ], + "yara_rules": [ + "TestCaseInfo-CVE-2024-39831.yara" + ] + } + } + } + }, + "arm64": { + "scan_strategy": { + "ssts": { + "enable": false + }, + "ists": { + "enable": false + } + } + } + } + } + } + } + ] +} \ No newline at end of file diff --git a/vulntest/SSTSTestcases/2024/10/CVE-2024-39831/TestCaseInfo-CVE-2024-39831.yara b/vulntest/SSTSTestcases/2024/10/CVE-2024-39831/TestCaseInfo-CVE-2024-39831.yara new file mode 100644 index 0000000..c555576 --- /dev/null +++ b/vulntest/SSTSTestcases/2024/10/CVE-2024-39831/TestCaseInfo-CVE-2024-39831.yara @@ -0,0 +1,32 @@ +/* + * Copyright (c) 2025 Beijing University of Posts and Telecommunications. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +import "console" + +rule TestCaseRule_CVE_2024_39831 +{ + meta: + data="2025-6-28" + openharmony_sa="" + cve="CVE-2024-39831" + file="/dev/block/platform/fe310000.sdhci/by-name/boot_linux" + + strings: + $fix = {08 09 09 8B E9 0F 40 B9 2A 00 80 52} + + condition: + $fix and console.log("CVE-2024-39831 testcase pass") + } \ No newline at end of file -- Gitee