目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1336

100%

CVE-2022-48629— Linux kernel 安全漏洞

AI 预测 5.3 利用难度: 中等 EPSS 0.38% · P30

影响版本矩阵 14

厂商产品版本范围状态
LinuxLinuxceec5f5b59882b871a722ca4d49b767a09a4bde9< a8e32bbb96c25b7ab29b1894dcd45e0b3b08fd9daffected
ceec5f5b59882b871a722ca4d49b767a09a4bde9< 184f7bd08ce56f003530fc19f160d54e75bf5c9daffected
ceec5f5b59882b871a722ca4d49b767a09a4bde9< 0f9b7b8df17525e464294c916acc8194ce38446baffected
ceec5f5b59882b871a722ca4d49b767a09a4bde9< ab9337c7cb6f875b6286440b1adfbeeef2b2b2bdaffected
ceec5f5b59882b871a722ca4d49b767a09a4bde9< 485995cbc98a4f77cfd4f8ed4dd7ff8ab262964daffected
ceec5f5b59882b871a722ca4d49b767a09a4bde9< a680b1832ced3b5fa7c93484248fd221ea0d614baffected
4.19affected
< 4.19unaffected
… +6 条更多
获取后续新漏洞提醒登录后订阅

一、 漏洞 CVE-2022-48629 基础信息

漏洞信息

对漏洞内容有疑问?看看神龙的深度分析是否有帮助!
查看神龙十问 ↗

尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。

Vulnerability Title
crypto: qcom-rng - ensure buffer for generate is completely filled
来源: 美国国家漏洞数据库 NVD
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: crypto: qcom-rng - ensure buffer for generate is completely filled The generate function in struct rng_alg expects that the destination buffer is completely filled if the function returns 0. qcom_rng_read() can run into a situation where the buffer is partially filled with randomness and the remaining part of the buffer is zeroed since qcom_rng_generate() doesn't check the return value. This issue can be reproduced by running the following from libkcapi: kcapi-rng -b 9000000 > OUTFILE The generated OUTFILE will have three huge sections that contain all zeros, and this is caused by the code where the test 'val & PRNG_STATUS_DATA_AVAIL' fails. Let's fix this issue by ensuring that qcom_rng_read() always returns with a full buffer if the function returns success. Let's also have qcom_rng_generate() return the correct value. Here's some statistics from the ent project (https://www.fourmilab.ch/random/) that shows information about the quality of the generated numbers: $ ent -c qcom-random-before Value Char Occurrences Fraction 0 606748 0.067416 1 33104 0.003678 2 33001 0.003667 ... 253 � 32883 0.003654 254 � 33035 0.003671 255 � 33239 0.003693 Total: 9000000 1.000000 Entropy = 7.811590 bits per byte. Optimum compression would reduce the size of this 9000000 byte file by 2 percent. Chi square distribution for 9000000 samples is 9329962.81, and randomly would exceed this value less than 0.01 percent of the times. Arithmetic mean value of data bytes is 119.3731 (127.5 = random). Monte Carlo value for Pi is 3.197293333 (error 1.77 percent). Serial correlation coefficient is 0.159130 (totally uncorrelated = 0.0). Without this patch, the results of the chi-square test is 0.01%, and the numbers are certainly not random according to ent's project page. The results improve with this patch: $ ent -c qcom-random-after Value Char Occurrences Fraction 0 35432 0.003937 1 35127 0.003903 2 35424 0.003936 ... 253 � 35201 0.003911 254 � 34835 0.003871 255 � 35368 0.003930 Total: 9000000 1.000000 Entropy = 7.999979 bits per byte. Optimum compression would reduce the size of this 9000000 byte file by 0 percent. Chi square distribution for 9000000 samples is 258.77, and randomly would exceed this value 42.24 percent of the times. Arithmetic mean value of data bytes is 127.5006 (127.5 = random). Monte Carlo value for Pi is 3.141277333 (error 0.01 percent). Serial correlation coefficient is 0.000468 (totally uncorrelated = 0.0). This change was tested on a Nexus 5 phone (msm8974 SoC).
来源: 美国国家漏洞数据库 NVD
CVSS Information
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Type
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Title
Linux kernel 安全漏洞
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于crypto qcom-rng中存在缓冲区溢出。
来源: 中国国家信息安全漏洞库 CNNVD
CVSS Information
N/A
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Type
N/A
来源: 中国国家信息安全漏洞库 CNNVD

受影响产品

厂商产品影响版本CPE订阅
LinuxLinux ceec5f5b59882b871a722ca4d49b767a09a4bde9 ~ a8e32bbb96c25b7ab29b1894dcd45e0b3b08fd9d -
LinuxLinux 4.19 -

二、漏洞 CVE-2022-48629 的公开POC

#POC 描述源链接神龙链接
AI 生成 POC高级

未找到公开 POC。

登录以生成 AI POC

三、漏洞 CVE-2022-48629 的情报信息

登录查看更多情报信息。

CVE-2022-48629 其他参考 (5)

IV. Related Vulnerabilities

V. Comments for CVE-2022-48629

暂无评论


发表评论