Linux Distros 未修补的漏洞:CVE-2024-53068
high Nessus 插件 ID 230575
语言:
简介
Linux/Unix 主机上安装的一个或多个程序包存在漏洞,但供应商表示不会修补此漏洞。描述
Linux/Unix 主机中安装的一个或多个程序包受到一个漏洞影响,而供应商没有提供补丁程序。- firmwarearm_scmi修复 scmi_bus_notifier() 中的 slab 释放后使用。在 __scmi_device_destroy() 中过早释放 scmi_dev->name导致访问 scmi_bus_notifier() 中的 scmi_dev->name 时发生 slab 释放后使用使用。因此将 scmi_dev->name 的发布移至 scmi_device_release() 以避免 slab 释放后使用。 | | 缺陷KASANstrncmp+0xe4/0xec 中的 slab 释放后使用| 由任务 swapper/0/1 在 addr ffffff80a482bcc0 读取大小 1 | CPU1 PID1 Commswapper/0 未受感染 6.6.38-debug #1 | | |硬件名称Qualcomm Technologies, Inc. SA8775P Ride (DT) | Qualcomm Technologies, Inc.调用跟踪dump_backtrace+0x94/0x114 | | show_stack+0x18/0x24 | dump_stack_lvl+0x48/0x60 | dump_stack_lvl+0x48/0x60 | print_report+0xf4/0x5b0 | | kasan_report+0xa4/0xec |
__asan_report_load1_noabort+0x20/0x2c | __asan_report_load1_noabort+0x20/0x2c | | strncmp+0xe4/0xec | | scmi_bus_notifier+0x5c/0x54c | | notifier_call_chain+0xb4/0x31c | |blocking_notifier_call_chain+0x68/0x9c | | bus_notify+0x54/0x78 | device_del+0x1bc/0x840 | | device_unregister+0x20/0xb4 | | __scmi_device_destroy+0xac/0x280 | | scmi_device_destroy+0x94/0xd0 | | scmi_chan_setup+0x524/0x750 | | scmi_probe+0x7fc/0x1508 | platform_probe+0xc4/0x19c | | real_probe+0x32c/0x99c | | __driver_probe_device+0x15c/0x3c4 | | driver_probe_device+0x5c/0x170 | | __driver_attach+0x1c8/0x440 | | bus_for_each_dev+0xf4/0x178 | | driver_attach+0x3c/0x58 | | bus_add_driver+0x234/0x4d4 | | driver_register+0xf4/0x3c0 |
| __platform_driver_register+0x60/0x88 | | scmi_driver_init+0xb0/0x104 | | do_one_initcall+0xb4/0x664 | | kernel_init_freeable+0x3c8/0x894 | kernel_init_freeable+0x3c8/0x894 | kernel_init+0x24/0x1e8 | | ret_from_fork+0x10/0x20 | |由任务 1 | kasan_save_stack+0x2c/0x54 | | kasan_set_track+0x2c/0x40 | | kasan_save_alloc_info+0x24/0x34 |
| __kasan_kmalloc+0xa0/0xb8 | | __kmalloc_node_track_caller+0x6c/0x104 | | kstrdup+0x48/0x84 | | kstrdup_const+0x34/0x40 | | __scmi_device_create.part.0+0x8c/0x408 | | scmi_device_create+0x104/0x370 | | scmi_chan_setup+0x2a0/0x750 | | scmi_probe+0x7fc/0x1508 | platform_probe+0xc4/0x19c | | real_probe+0x32c/0x99c | | __driver_probe_device+0x15c/0x3c4 | | driver_probe_device+0x5c/0x170 |
| __driver_attach+0x1c8/0x440 | | bus_for_each_dev+0xf4/0x178 | | driver_attach+0x3c/0x58 | | bus_add_driver+0x234/0x4d4 | | driver_register+0xf4/0x3c0 | | __platform_driver_register+0x60/0x88 | | scmi_driver_init+0xb0/0x104 | | do_one_initcall+0xb4/0x664 | | kernel_init_freeable+0x3c8/0x894 | kernel_init_freeable+0x3c8/0x894 | kernel_init+0x24/0x1e8 | | ret_from_fork+0x10/0x20 | |由任务 1: | 释放| kasan_save_stack+0x2c/0x54 | | kasan_set_track+0x2c/0x40 | | kasan_save_free_info+0x38/0x5c | | __kasan_slab_free+0xe8/0x164 |
| __kmem_cache_free+0x11c/0x230 | | kfree+0x70/0x130 | | kfree_const+0x20/0x40 |
| __scmi_device_destroy+0x70/0x280 | | scmi_device_destroy+0x94/0xd0 | | scmi_chan_setup+0x524/0x750 | | scmi_probe+0x7fc/0x1508 | platform_probe+0xc4/0x19c | | real_probe+0x32c/0x99c |
| __driver_probe_device+0x15c/0x3c4 | | driver_probe_device+0x5c/0x170 | | __driver_attach+0x1c8/0x440 | | bus_for_each_dev+0xf4/0x178 | | driver_attach+0x3c/0x58 | | bus_add_driver+0x234/0x4d4 | | driver_register+0xf4/0x3c0 | | __platform_driver_register+0x60/0x88 | | scmi_driver_init+0xb0/0x104 | | do_one_initcall+0xb4/0x664 | | kernel_init_freeable+0x3c8/0x894 | kernel_init_freeable+0x3c8/0x894 | kernel_init+0x24/0x1e8 | ret_from_fork+0x10/0x20CVE-2024-53068
请注意,Nessus 依赖供应商报告的程序包是否存在进行判断。
解决方案
目前尚未有任何已知的解决方案。另见
插件详情
严重性: High
ID: 230575
文件名: unpatched_CVE_2024_53068.nasl
版本: 1.3
类型: local
代理: unix
系列: Misc.
发布时间: 2025/3/6
最近更新时间: 2025/8/30
支持的传感器: Agentless Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus
风险信息
VPR
风险因素: Medium
分数: 6.7
CVSS v2
风险因素: Medium
基本分数: 6.9
时间分数: 5.1
矢量: CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C
CVSS 分数来源: CVE-2024-53068
CVSS v3
风险因素: High
基本分数: 7.8
时间分数: 6.8
矢量: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
时间矢量: CVSS:3.0/E:U/RL:O/RC:C
漏洞信息
CPE: p-cpe:/a:canonical:ubuntu_linux:linux-azure-6.5, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-6.5, cpe:/o:debian:debian_linux:11.0, p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-5.19, p-cpe:/a:canonical:ubuntu_linux:linux-intel-iotg-5.15, p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.0, p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.13, p-cpe:/a:canonical:ubuntu_linux:linux-riscv-6.5, p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-6.2, p-cpe:/a:canonical:ubuntu_linux:linux-riscv-5.15, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-5.11, p-cpe:/a:canonical:ubuntu_linux:linux-nvidia-6.5, p-cpe:/a:canonical:ubuntu_linux:linux-hwe, p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-5.15, cpe:/o:canonical:ubuntu_linux:16.04:-:lts, cpe:/o:canonical:ubuntu_linux:22.04:-:lts, p-cpe:/a:canonical:ubuntu_linux:linux-starfive-6.5, p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.3, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-edge, p-cpe:/a:canonical:ubuntu_linux:linux, p-cpe:/a:canonical:ubuntu_linux:linux-intel-5.13, p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.17, p-cpe:/a:canonical:ubuntu_linux:linux-nvidia, p-cpe:/a:canonical:ubuntu_linux:linux-gcp, p-cpe:/a:canonical:ubuntu_linux:linux-gke-5.15, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-6.5, p-cpe:/a:canonical:ubuntu_linux:linux-riscv-5.8, p-cpe:/a:canonical:ubuntu_linux:linux-starfive-5.19, p-cpe:/a:canonical:ubuntu_linux:linux-azure, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-5.3, p-cpe:/a:canonical:ubuntu_linux:linux-raspi-realtime, p-cpe:/a:canonical:ubuntu_linux:linux-gke, p-cpe:/a:canonical:ubuntu_linux:linux-nvidia-tegra-5.15, cpe:/o:canonical:ubuntu_linux:24.04:-:lts, p-cpe:/a:canonical:ubuntu_linux:linux-kvm, p-cpe:/a:canonical:ubuntu_linux:linux-raspi, p-cpe:/a:canonical:ubuntu_linux:linux-oracle, p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.19, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-5.19, p-cpe:/a:debian:debian_linux:linux, p-cpe:/a:canonical:ubuntu_linux:linux-ibm-5.15, p-cpe:/a:canonical:ubuntu_linux:linux-aws-6.5, p-cpe:/a:canonical:ubuntu_linux:linux-riscv-5.11, p-cpe:/a:canonical:ubuntu_linux:linux-riscv, p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.3, p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.11, p-cpe:/a:canonical:ubuntu_linux:linux-azure-edge, p-cpe:/a:canonical:ubuntu_linux:linux-azure-fde, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-6.2, p-cpe:/a:canonical:ubuntu_linux:linux-oem, p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.19, cpe:/o:canonical:ubuntu_linux:18.04:-:lts, p-cpe:/a:canonical:ubuntu_linux:linux-gkeop-5.4, p-cpe:/a:canonical:ubuntu_linux:linux-allwinner-5.19, p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.13, p-cpe:/a:canonical:ubuntu_linux:linux-aws-6.2, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.11, p-cpe:/a:canonical:ubuntu_linux:linux-nvidia-tegra, p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.0, p-cpe:/a:canonical:ubuntu_linux:linux-nvidia-6.2, p-cpe:/a:canonical:ubuntu_linux:linux-gkeop-5.15, p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.8, p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.13, p-cpe:/a:canonical:ubuntu_linux:linux-oracle-6.5, p-cpe:/a:canonical:ubuntu_linux:linux-xilinx-zynqmp, p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.3, p-cpe:/a:canonical:ubuntu_linux:linux-oem-6.0, p-cpe:/a:canonical:ubuntu_linux:linux-raspi2, p-cpe:/a:canonical:ubuntu_linux:linux-intel-iot-realtime, p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.15, p-cpe:/a:canonical:ubuntu_linux:linux-gke-5.4, p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.8, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.19, p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.15, p-cpe:/a:canonical:ubuntu_linux:linux-ibm, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-6.2, p-cpe:/a:canonical:ubuntu_linux:linux-aws, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-5.15, p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-6.5, p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.15, p-cpe:/a:canonical:ubuntu_linux:linux-azure-6.2, p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.11, p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.10, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-5.8, p-cpe:/a:canonical:ubuntu_linux:linux-nvidia-tegra-igx, p-cpe:/a:canonical:ubuntu_linux:linux-realtime, p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.13, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-5.13, p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.6, p-cpe:/a:canonical:ubuntu_linux:linux-bluefield, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.8, p-cpe:/a:canonical:ubuntu_linux:linux-gkeop, p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.11, p-cpe:/a:canonical:ubuntu_linux:linux-intel-iotg, p-cpe:/a:canonical:ubuntu_linux:linux-oem-6.1, cpe:/o:canonical:ubuntu_linux:20.04:-:lts, p-cpe:/a:canonical:ubuntu_linux:linux-oem-6.5, p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.14, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.15, p-cpe:/a:canonical:ubuntu_linux:linux-azure-fde-5.19, cpe:/o:debian:debian_linux:12.0, p-cpe:/a:canonical:ubuntu_linux:linux-azure-fde-6.2, p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency, p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.8, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.13, p-cpe:/a:canonical:ubuntu_linux:linux-riscv-5.19, p-cpe:/a:canonical:ubuntu_linux:linux-gke-4.15, p-cpe:/a:canonical:ubuntu_linux:linux-starfive-6.2
必需的 KB 项: Host/OS/identifier, Host/cpu, Host/local_checks_enabled, global_settings/vendor_unpatched
易利用性: No known exploits are available
漏洞发布日期: 2024/11/19
参考资料信息
CVE: CVE-2024-53068