CVE-2024-53063

一、漏洞信息
漏洞编号：CVE-2024-53063
漏洞归属组件：kernel
漏洞归属的版本：4.19.140,4.19.194,4.19.90,5.10.0,6.1.19,6.1.8,6.4.0,6.6.0
CVSS V3.0分值：
BaseScore：5.5 Medium
Vector：CVSS：3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
漏洞简述：
In the Linux kernel, the following vulnerability has been resolved:media: dvbdev: prevent the risk of out of memory accessThe dvbdev contains a static variable used to store dvb minors.The behavior of it depends if CONFIG_DVB_DYNAMIC_MINORS is setor not. When not set, dvb_register_device() won t check forboundaries, as it will rely that a previous call todvb_register_adapter() would already be enforcing it.On a similar way, dvb_device_open() uses the assumptionthat the register functions already did the needed checks.This can be fragile if some device ends using differentcalls. This also generate warnings on static check analyserslike Coverity.So, add explicit guards to prevent potential risk of OOM issues.
漏洞公开时间：2024-11-20 02:15:26
漏洞创建时间：2024-11-20 02:42:27
漏洞详情参考链接：
https://nvd.nist.gov/vuln/detail/CVE-2024-53063

更多参考(点击展开)

参考来源	参考链接	来源链接
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/1e461672616b726f29261ee81bb991528818537c
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/3b88675e18b6517043a6f734eaa8ea6eb3bfa140
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/5f76f7df14861e3a560898fa41979ec92424b58f
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/972e63e895abbe8aa1ccbdbb4e6362abda7cd457
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/9c17085fabbde2041c893d29599800f2d4992b23
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/a4a17210c03ade1c8d9a9f193a105654b7a05c11
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/b751a96025275c17f04083cbfe856822f1658946
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/fedfde9deb83ac8d2f3d5f36f111023df34b1684
suse_bugzilla	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-53063	https://bugzilla.suse.com/show_bug.cgi?id=1233557
suse_bugzilla	https://git.kernel.org/pub/scm/linux/security/vulns.git/plain/cve/published/2024/CVE-2024-53063.mbox	https://bugzilla.suse.com/show_bug.cgi?id=1233557
suse_bugzilla	https://git.kernel.org/stable/c/fedfde9deb83ac8d2f3d5f36f111023df34b1684	https://bugzilla.suse.com/show_bug.cgi?id=1233557
suse_bugzilla	https://git.kernel.org/stable/c/3b88675e18b6517043a6f734eaa8ea6eb3bfa140	https://bugzilla.suse.com/show_bug.cgi?id=1233557
suse_bugzilla	https://git.kernel.org/stable/c/a4a17210c03ade1c8d9a9f193a105654b7a05c11	https://bugzilla.suse.com/show_bug.cgi?id=1233557
suse_bugzilla	https://git.kernel.org/stable/c/5f76f7df14861e3a560898fa41979ec92424b58f	https://bugzilla.suse.com/show_bug.cgi?id=1233557
suse_bugzilla	https://git.kernel.org/stable/c/b751a96025275c17f04083cbfe856822f1658946	https://bugzilla.suse.com/show_bug.cgi?id=1233557
suse_bugzilla	https://git.kernel.org/stable/c/1e461672616b726f29261ee81bb991528818537c	https://bugzilla.suse.com/show_bug.cgi?id=1233557
suse_bugzilla	https://git.kernel.org/stable/c/9c17085fabbde2041c893d29599800f2d4992b23	https://bugzilla.suse.com/show_bug.cgi?id=1233557
suse_bugzilla	https://git.kernel.org/stable/c/972e63e895abbe8aa1ccbdbb4e6362abda7cd457	https://bugzilla.suse.com/show_bug.cgi?id=1233557
suse_bugzilla	https://www.cve.org/CVERecord?id=CVE-2024-53063	https://bugzilla.suse.com/show_bug.cgi?id=1233557
redhat_bugzilla	https://lore.kernel.org/linux-cve-announce/2024111932-CVE-2024-53063-1ffa@gregkh/T	https://bugzilla.redhat.com/show_bug.cgi?id=2327384
debian		https://security-tracker.debian.org/tracker/CVE-2024-53063
osv	https://git.kernel.org/stable/c/1e461672616b726f29261ee81bb991528818537c	https://osv.dev/vulnerability/CVE-2024-53063
osv	https://git.kernel.org/stable/c/3b88675e18b6517043a6f734eaa8ea6eb3bfa140	https://osv.dev/vulnerability/CVE-2024-53063
osv	https://git.kernel.org/stable/c/5f76f7df14861e3a560898fa41979ec92424b58f	https://osv.dev/vulnerability/CVE-2024-53063
osv	https://git.kernel.org/stable/c/972e63e895abbe8aa1ccbdbb4e6362abda7cd457	https://osv.dev/vulnerability/CVE-2024-53063
osv	https://git.kernel.org/stable/c/9c17085fabbde2041c893d29599800f2d4992b23	https://osv.dev/vulnerability/CVE-2024-53063
osv	https://git.kernel.org/stable/c/a4a17210c03ade1c8d9a9f193a105654b7a05c11	https://osv.dev/vulnerability/CVE-2024-53063
osv	https://git.kernel.org/stable/c/b751a96025275c17f04083cbfe856822f1658946	https://osv.dev/vulnerability/CVE-2024-53063
osv	https://git.kernel.org/stable/c/fedfde9deb83ac8d2f3d5f36f111023df34b1684	https://osv.dev/vulnerability/CVE-2024-53063
osv	https://security-tracker.debian.org/tracker/CVE-2024-53063	https://osv.dev/vulnerability/CVE-2024-53063

漏洞分析指导链接：
https://gitee.com/openeuler/cve-manager/blob/master/cve-vulner-manager/doc/md/manual.md
漏洞数据来源:
openBrain开源漏洞感知系统
漏洞补丁信息：

详情(点击展开)

影响的包	修复版本	修复补丁	问题引入补丁	来源
		https://git.kernel.org/stable/c/1e461672616b726f29261ee81bb991528818537c		nvd
		https://git.kernel.org/stable/c/3b88675e18b6517043a6f734eaa8ea6eb3bfa140		nvd
		https://git.kernel.org/stable/c/5f76f7df14861e3a560898fa41979ec92424b58f		nvd
		https://git.kernel.org/stable/c/972e63e895abbe8aa1ccbdbb4e6362abda7cd457		nvd
		https://git.kernel.org/stable/c/9c17085fabbde2041c893d29599800f2d4992b23		nvd
		https://git.kernel.org/stable/c/a4a17210c03ade1c8d9a9f193a105654b7a05c11		nvd
		https://git.kernel.org/stable/c/b751a96025275c17f04083cbfe856822f1658946		nvd
		https://git.kernel.org/stable/c/fedfde9deb83ac8d2f3d5f36f111023df34b1684		nvd
linux_kernel	4.19.324	https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=fedfde9deb83Issue	https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=5dd3f3071070	linuxkernelcves
linux_kernel	5.4.286	https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=3b88675e18b6Issue	https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=5dd3f3071070	linuxkernelcves
linux_kernel	5.10.230	https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=a4a17210c03aIssue	https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=5dd3f3071070	linuxkernelcves
linux_kernel	5.15.172	https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=5f76f7df1486Issue	https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=5dd3f3071070	linuxkernelcves
linux_kernel	6.1.117	https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=b751a9602527Issue	https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=5dd3f3071070	linuxkernelcves
linux_kernel	6.6.61	https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=1e461672616bIssue	https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=5dd3f3071070	linuxkernelcves
linux_kernel	6.11.8	https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=9c17085fabbdIssue	https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=5dd3f3071070	linuxkernelcves
linux_kernel	6.12	https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=972e63e895abPlease	https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=5dd3f3071070	linuxkernelcves

二、漏洞分析结构反馈
影响性分析说明：
In the Linux kernel, the following vulnerability has been resolved:media: dvbdev: prevent the risk of out of memory accessThe dvbdev contains a static variable used to store dvb minors.The behavior of it depends if CONFIG_DVB_DYNAMIC_MINORS is setor not. When not set, dvb_register_device() won t check forboundaries, as it will rely that a previous call todvb_register_adapter() would already be enforcing it.On a similar way, dvb_device_open() uses the assumptionthat the register functions already did the needed checks.This can be fragile if some device ends using differentcalls. This also generate warnings on static check analyserslike Coverity.So, add explicit guards to prevent potential risk of OOM issues.
openEuler评分：
5.5
Vector：CVSS：3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
受影响版本排查(受影响/不受影响)：
1.openEuler-20.03-LTS-SP4(4.19.90):受影响
2.openEuler-22.03-LTS-SP1(5.10.0):受影响
3.openEuler-22.03-LTS-SP3(5.10.0):受影响
4.openEuler-22.03-LTS-SP4(5.10.0):受影响
5.openEuler-24.03-LTS(6.6.0):受影响
6.openEuler-24.03-LTS-SP1(6.6.0):受影响
7.master(6.6.0):不受影响
8.openEuler-24.03-LTS-Next(6.6.0):不受影响

修复是否涉及abi变化(是/否)：
1.openEuler-20.03-LTS-SP4(4.19.90):否
2.openEuler-22.03-LTS-SP1(5.10.0):否
3.openEuler-22.03-LTS-SP3(5.10.0):否
4.master(6.6.0):否
5.openEuler-24.03-LTS(6.6.0):否
6.openEuler-24.03-LTS-Next(6.6.0):否
7.openEuler-22.03-LTS-SP4(5.10.0):否
8.openEuler-24.03-LTS-SP1(6.6.0):否

原因说明：
1.openEuler-22.03-LTS-SP1(5.10.0):正常修复
2.openEuler-22.03-LTS-SP3(5.10.0):正常修复
3.openEuler-22.03-LTS-SP4(5.10.0):正常修复
4.openEuler-24.03-LTS(6.6.0):正常修复
5.openEuler-24.03-LTS-SP1(6.6.0):正常修复
6.openEuler-20.03-LTS-SP4(4.19.90):暂不修复-暂无解决方案或补丁
7.master(6.6.0):不受影响-漏洞代码不能被攻击者触发
8.openEuler-24.03-LTS-Next(6.6.0):不受影响-漏洞代码不能被攻击者触发

三、漏洞修复
安全公告链接：https://www.openeuler.org/zh/security/safety-bulletin/detail/?id=openEuler-SA-2024-2521

Hi openeuler-ci-bot, welcome to the openEuler Community.
I'm the Bot here serving you. You can find the instructions on how to interact with me at Here.
If you have any questions, please contact the SIG: Kernel, and any of the maintainers.

@yangyingliang ,@jiaoff ,@guohaocs2c ,@hanjun-guo ,@woqidaideshi ,@newbeats ,@zhangyi089 ,@colyli ,@thundertown ,@htforge ,@chiqijun ,@lengchao ,@zhujianwei001 ,@kylin-mayukun ,@wangxiongfeng ,@wkfxxx ,@SuperSix173 ,@jentlestea ,@oskernel0719 ,@gasonchen 
**issue处理注意事项:** 
**1. 当前issue受影响的分支提交pr时, 须在pr描述中填写当前issue编号进行关联, 否则无法关闭当前issue;**
**2. 模板内容需要填写完整, 无论是受影响或者不受影响都需要填写完整内容,未引入的分支不需要填写, 否则无法关闭当前issue;**
**3. 以下为模板中需要填写完整的内容, 请复制到评论区回复, 注: 内容的标题名称(影响性分析说明, openEuler评分, 受影响版本排查(受影响/不受影响), 修复是否涉及abi变化(是/否), 原因说明)不能省略,省略后cve-manager将无法正常解析填写内容.**
************************************************************************
影响性分析说明:

openEuler评分: (评分和向量)

受影响版本排查(受影响/不受影响): 
1.master(6.6.0):
2.openEuler-20.03-LTS-SP4(4.19.90):
3.openEuler-22.03-LTS-SP1(5.10.0):
4.openEuler-22.03-LTS-SP3(5.10.0):
5.openEuler-22.03-LTS-SP4(5.10.0):
6.openEuler-24.03-LTS(6.6.0):
7.openEuler-24.03-LTS-Next(6.6.0):
8.openEuler-24.03-LTS-SP1:

修复是否涉及abi变化(是/否)：
1.master(6.6.0):
2.openEuler-20.03-LTS-SP4(4.19.90):
3.openEuler-22.03-LTS-SP1(5.10.0):
4.openEuler-22.03-LTS-SP3(5.10.0):
5.openEuler-22.03-LTS-SP4(5.10.0):
6.openEuler-24.03-LTS(6.6.0):
7.openEuler-24.03-LTS-Next(6.6.0):
8.openEuler-24.03-LTS-SP1:

原因说明：
1.master(6.6.0):
2.openEuler-20.03-LTS-SP4(4.19.90):
3.openEuler-22.03-LTS-SP1(5.10.0):
4.openEuler-22.03-LTS-SP3(5.10.0):
5.openEuler-22.03-LTS-SP4(5.10.0):
6.openEuler-24.03-LTS(6.6.0):
7.openEuler-24.03-LTS-Next(6.6.0):
8.openEuler-24.03-LTS-SP1:

issue处理具体操作请参考: 
https://gitee.com/openeuler/cve-manager/blob/master/cve-vulner-manager/doc/md/manual.md
pr关联issue具体操作请参考:
https://gitee.com/help/articles/4142

CVE-2024-53063

影响性分析说明：
In the Linux kernel, the following vulnerability has been resolved:

media: dvbdev: prevent the risk of out of memory access

The dvbdev contains a static variable used to store dvb minors.

The behavior of it depends if CONFIG_DVB_DYNAMIC_MINORS is set
or not. When not set, dvb_register_device() won't check for
boundaries, as it will rely that a previous call to
dvb_register_adapter() would already be enforcing it.

On a similar way, dvb_device_open() uses the assumption
that the register functions already did the needed checks.

This can be fragile if some device ends using different
calls. This also generate warnings on static check analysers
like Coverity.

So, add explicit guards to prevent potential risk of OOM issues.

openEuler评分:(评分和向量)
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

受影响版本排查(受影响/不受影响):
1.openEuler-20.03-LTS-SP4:受影响
2.openEuler-22.03-LTS-SP1:受影响
3.openEuler-22.03-LTS-SP3:受影响
4.openEuler-22.03-LTS-SP4:受影响
5.master(6.1.0):不受影响
6.openEuler-24.03-LTS:受影响
7.openEuler-24.03-LTS-Next:不受影响

修复是否涉及abi变化(是/否)：
1.openEuler-20.03-LTS-SP4:否
2.openEuler-22.03-LTS-SP1:否
3.openEuler-22.03-LTS-SP3:否
4.master(6.1.0):否
5.openEuler-24.03-LTS:否
6.openEuler-24.03-LTS-Next:否
7.openEuler-22.03-LTS-SP4:否