CVE-2024-56769

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-56769
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-56769.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-56769
Published
2025-01-06T16:20:46.838Z
Modified
2025-11-27T19:35:41.288303Z
Summary
media: dvb-frontends: dib3000mb: fix uninit-value in dib3000_write_reg
Details

In the Linux kernel, the following vulnerability has been resolved:

media: dvb-frontends: dib3000mb: fix uninit-value in dib3000_write_reg

Syzbot reports [1] an uninitialized value issue found by KMSAN in dib3000_read_reg().

Local u8 rb[2] is used in i2c_transfer() as a read buffer; in case that call fails, the buffer may end up with some undefined values.

Since no elaborate error handling is expected in dib3000_write_reg(), simply zero out rb buffer to mitigate the problem.

[1] Syzkaller report

dvb-usb: bulk message failed: -22 (6/0)

BUG: KMSAN: uninit-value in dib3000mb_attach+0x2d8/0x3c0 drivers/media/dvb-frontends/dib3000mb.c:758
 dib3000mb_attach+0x2d8/0x3c0 drivers/media/dvb-frontends/dib3000mb.c:758
 dibusb_dib3000mb_frontend_attach+0x155/0x2f0 drivers/media/usb/dvb-usb/dibusb-mb.c:31
 dvb_usb_adapter_frontend_init+0xed/0x9a0 drivers/media/usb/dvb-usb/dvb-usb-dvb.c:290
 dvb_usb_adapter_init drivers/media/usb/dvb-usb/dvb-usb-init.c:90 [inline]
 dvb_usb_init drivers/media/usb/dvb-usb/dvb-usb-init.c:186 [inline]
 dvb_usb_device_init+0x25a8/0x3760 drivers/media/usb/dvb-usb/dvb-usb-init.c:310
 dibusb_probe+0x46/0x250 drivers/media/usb/dvb-usb/dibusb-mb.c:110
...

Local variable rb created at:
 dib3000_read_reg+0x86/0x4e0 drivers/media/dvb-frontends/dib3000mb.c:54
 dib3000mb_attach+0x123/0x3c0 drivers/media/dvb-frontends/dib3000mb.c:758
...
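
The pattern described in the details above, as an added example that is not the kernel driver's code: a userspace C model in which `fake_transfer`, `read_reg_before`, `read_reg_after` and the `STALE` byte are hypothetical names and constructed values. It shows why a failed transfer hands leftover buffer content to the caller unless `rb` is zeroed first.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Userspace model, not driver code. STALE (constructed) = leftover stack. */
#define STALE 0xCC
struct msg { uint8_t *buf; uint16_t len; int is_read; };

/* Hypothetical stand-in for i2c_transfer(): returns the number of messages
 * completed, or a negative errno without touching any read buffer. */
static int fake_transfer(struct msg *m, int n, int fail)
{
	if (fail)
		return -22; /* same code as "bulk message failed: -22" */
	for (int i = 0; i < n; i++)
		if (m[i].is_read)
			memset(m[i].buf, 0x12, m[i].len); /* constructed reply */
	return n;
}

/* Shared body: write the register address, read two bytes into rb, and
 * return them even if the transfer failed (no error handling). */
static int read_reg(uint16_t reg, uint8_t rb[2], int fail)
{
	uint8_t wb[2] = { (uint8_t)((reg >> 8) | 0x80), (uint8_t)(reg & 0xff) };
	struct msg m[2] = { { wb, 2, 0 }, { rb, 2, 1 } };
	if (fake_transfer(m, 2, fail) != 2)
		fprintf(stderr, "i2c read error\n");
	return (rb[0] << 8) | rb[1];
}

/* Before: rb is not zeroed. The kernel leaves it uninitialized; STALE
 * stands in for that so this model stays well-defined C. */
int read_reg_before(uint16_t reg, int fail)
{
	uint8_t rb[2] = { STALE, STALE };
	return read_reg(reg, rb, fail);
}

/* After: rb is zeroed, so a failed transfer yields 0, not stack bytes. */
int read_reg_after(uint16_t reg, int fail)
{
	uint8_t rb[2] = { 0 };
	return read_reg(reg, rb, fail);
}
int main(void)
{
	printf("fail: before=0x%04x after=0x%04x\n", read_reg_before(0x0401, 1), read_reg_after(0x0401, 1));
	return 0;
}
```

With the zeroed buffer a failed read is indistinguishable from a register that really holds 0, so callers that need to tell the two apart still have to check the transfer result.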

Database specific
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/blob/ee626f5d79d5817bb21d6f048dc0da4c4e383443/cves/2024/56xxx/CVE-2024-56769.json"
}
Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
74340b0a8bc60b400c7e5fe4950303aa6f914d16
Fixed
035772fcd631eee2756b31cb6df249c0a8d453d7
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
74340b0a8bc60b400c7e5fe4950303aa6f914d16
Fixed
e11778189513cd7fb2edced5bd053bc18ede8418
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
74340b0a8bc60b400c7e5fe4950303aa6f914d16
Fixed
53106510736e734ce8b731ba871363389bfbf4c9
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
74340b0a8bc60b400c7e5fe4950303aa6f914d16
Fixed
3876e3a1c31a58a352c6bf5d2a90e3304445a637
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
74340b0a8bc60b400c7e5fe4950303aa6f914d16
Fixed
1d6de21f00293d819b5ca6dbe75ff1f3b6392140
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
74340b0a8bc60b400c7e5fe4950303aa6f914d16
Fixed
c1197c1457bb7098cf46366e898eb52b41b6876a
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
74340b0a8bc60b400c7e5fe4950303aa6f914d16
Fixed
2dd59fe0e19e1ab955259978082b62e5751924c7

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
2.6.19
Fixed
5.4.289
Type
ECOSYSTEM
Events
Introduced
5.5.0
Fixed
5.10.233
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.176
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.123
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.69
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.8