{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2024-56769","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-12-29T11:26:39.763Z","datePublished":"2025-01-06T16:20:46.838Z","dateUpdated":"2025-11-03T20:54:05.601Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-05-04T10:04:17.708Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dvb-frontends: dib3000mb: fix uninit-value in dib3000_write_reg\n\nSyzbot reports [1] an uninitialized value issue found by KMSAN in\ndib3000_read_reg().\n\nLocal u8 rb[2] is used in i2c_transfer() as a read buffer; in case\nthat call fails, the buffer may end up with some undefined values.\n\nSince no elaborate error handling is expected in dib3000_write_reg(),\nsimply zero out rb buffer to mitigate the problem.\n\n[1] Syzkaller report\ndvb-usb: bulk message failed: -22 (6/0)\n=====================================================\nBUG: KMSAN: uninit-value in dib3000mb_attach+0x2d8/0x3c0 drivers/media/dvb-frontends/dib3000mb.c:758\n dib3000mb_attach+0x2d8/0x3c0 drivers/media/dvb-frontends/dib3000mb.c:758\n dibusb_dib3000mb_frontend_attach+0x155/0x2f0 drivers/media/usb/dvb-usb/dibusb-mb.c:31\n dvb_usb_adapter_frontend_init+0xed/0x9a0 drivers/media/usb/dvb-usb/dvb-usb-dvb.c:290\n dvb_usb_adapter_init drivers/media/usb/dvb-usb/dvb-usb-init.c:90 [inline]\n dvb_usb_init drivers/media/usb/dvb-usb/dvb-usb-init.c:186 [inline]\n dvb_usb_device_init+0x25a8/0x3760 drivers/media/usb/dvb-usb/dvb-usb-init.c:310\n dibusb_probe+0x46/0x250 drivers/media/usb/dvb-usb/dibusb-mb.c:110\n...\nLocal variable rb created at:\n dib3000_read_reg+0x86/0x4e0 drivers/media/dvb-frontends/dib3000mb.c:54\n dib3000mb_attach+0x123/0x3c0 drivers/media/dvb-frontends/dib3000mb.c:758\n..."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/media/dvb-frontends/dib3000mb.c"],"versions":[{"version":"74340b0a8bc60b400c7e5fe4950303aa6f914d16","lessThan":"035772fcd631eee2756b31cb6df249c0a8d453d7","status":"affected","versionType":"git"},{"version":"74340b0a8bc60b400c7e5fe4950303aa6f914d16","lessThan":"e11778189513cd7fb2edced5bd053bc18ede8418","status":"affected","versionType":"git"},{"version":"74340b0a8bc60b400c7e5fe4950303aa6f914d16","lessThan":"53106510736e734ce8b731ba871363389bfbf4c9","status":"affected","versionType":"git"},{"version":"74340b0a8bc60b400c7e5fe4950303aa6f914d16","lessThan":"3876e3a1c31a58a352c6bf5d2a90e3304445a637","status":"affected","versionType":"git"},{"version":"74340b0a8bc60b400c7e5fe4950303aa6f914d16","lessThan":"1d6de21f00293d819b5ca6dbe75ff1f3b6392140","status":"affected","versionType":"git"},{"version":"74340b0a8bc60b400c7e5fe4950303aa6f914d16","lessThan":"c1197c1457bb7098cf46366e898eb52b41b6876a","status":"affected","versionType":"git"},{"version":"74340b0a8bc60b400c7e5fe4950303aa6f914d16","lessThan":"2dd59fe0e19e1ab955259978082b62e5751924c7","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/media/dvb-frontends/dib3000mb.c"],"versions":[{"version":"2.6.19","status":"affected"},{"version":"0","lessThan":"2.6.19","status":"unaffected","versionType":"semver"},{"version":"5.4.289","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.233","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.176","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.123","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.69","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.12.8","lessThanOrEqual":"6.12.*","status":"unaffected","versionType":"semver"},{"version":"6.13","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.19","versionEndExcluding":"5.4.289"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.19","versionEndExcluding":"5.10.233"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.19","versionEndExcluding":"5.15.176"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.19","versionEndExcluding":"6.1.123"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.19","versionEndExcluding":"6.6.69"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.19","versionEndExcluding":"6.12.8"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.19","versionEndExcluding":"6.13"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/035772fcd631eee2756b31cb6df249c0a8d453d7"},{"url":"https://git.kernel.org/stable/c/e11778189513cd7fb2edced5bd053bc18ede8418"},{"url":"https://git.kernel.org/stable/c/53106510736e734ce8b731ba871363389bfbf4c9"},{"url":"https://git.kernel.org/stable/c/3876e3a1c31a58a352c6bf5d2a90e3304445a637"},{"url":"https://git.kernel.org/stable/c/1d6de21f00293d819b5ca6dbe75ff1f3b6392140"},{"url":"https://git.kernel.org/stable/c/c1197c1457bb7098cf46366e898eb52b41b6876a"},{"url":"https://git.kernel.org/stable/c/2dd59fe0e19e1ab955259978082b62e5751924c7"}],"title":"media: dvb-frontends: dib3000mb: fix uninit-value in dib3000_write_reg","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"title":"CVE Program Container","references":[{"url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html"},{"url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-03T20:54:05.601Z"}}]}}