目標達成 すべての支援者に感謝 — 100%達成しました!

目標: 1000 CNY · 調達済み: 1336 CNY

100%

CVE-2026-53047— Linux kernel 安全漏洞

AI Predicted 5.5 Difficulty: Moderate EPSS 0.19% · P9

Possible ATT&CK Techniques 1AI

T1203 · Exploitation for Client Execution

Affected Version Matrix 20

ベンダープロダクトVersion Rangeステータス
LinuxLinuxf24c4d478013d82bd1b943df566fff3561d52864< 22022cd8851703a58f67615a17bc7e9e8682785baffected
f24c4d478013d82bd1b943df566fff3561d52864< 67adde6bfdfd563a54b045d59aeb9a2d90c80697affected
f24c4d478013d82bd1b943df566fff3561d52864< 608e1f7bc9d171ab26c1fba288c97fc76363c27daffected
f24c4d478013d82bd1b943df566fff3561d52864< 8be69e9245f805566bac68ffc8574b64735fd996affected
f24c4d478013d82bd1b943df566fff3561d52864< 5e185330d902b12fe8e6eb4b8514b5d736d8d66daffected
f24c4d478013d82bd1b943df566fff3561d52864< e0e6b14995fd6fa2c0df8c712d76ab32f0694c31affected
f24c4d478013d82bd1b943df566fff3561d52864< ab3f7098a3a27175b91cfc947950f5c26855801baffected
f24c4d478013d82bd1b943df566fff3561d52864< 48a428215782321b56956974f23593e40ce84b7aaffected
… +12 more rows
新しい脆弱性情報の通知を購読するログインして購読

I. CVE-2026-53047の基本情報

脆弱性情報

脆弱性についてご質問がありますか?Shenlongの分析が参考になるかご確認ください!
Shenlongの10の質問を表示 ↗

高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。

脆弱性タイトル
efi/capsule-loader: fix incorrect sizeof in phys array reallocation
ソース: NVD (National Vulnerability Database)
脆弱性説明
In the Linux kernel, the following vulnerability has been resolved: efi/capsule-loader: fix incorrect sizeof in phys array reallocation The krealloc() call for cap_info->phys in __efi_capsule_setup_info() uses sizeof(phys_addr_t *) instead of sizeof(phys_addr_t), which might be causing an undersized allocation. The allocation is also inconsistent with the initial array allocation in efi_capsule_open() that allocates one entry with sizeof(phys_addr_t), and the efi_capsule_write() function that stores phys_addr_t values (not pointers) via page_to_phys(). On 64-bit systems where sizeof(phys_addr_t) == sizeof(phys_addr_t *), this goes unnoticed. On 32-bit systems with PAE where phys_addr_t is 64-bit but pointers are 32-bit, this allocates half the required space, which might lead to a heap buffer overflow when storing physical addresses. This is similar to the bug fixed in commit fccfa646ef36 ("efi/capsule-loader: fix incorrect allocation size") which fixed the same issue at the initial allocation site.
ソース: NVD (National Vulnerability Database)
CVSS情報
N/A
ソース: NVD (National Vulnerability Database)
脆弱性タイプ
N/A
ソース: NVD (National Vulnerability Database)
脆弱性タイトル
Linux kernel 安全漏洞
ソース: CNNVD (China National Vulnerability Database)
脆弱性説明
Linux kernel是美国Linux基金会开源的操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于使用sizeof(phys_addr_t *)代替sizeof(phys_addr_t)进行内存分配,导致在32位PAE系统上分配空间不足,可能造成堆缓冲区溢出。
ソース: CNNVD (China National Vulnerability Database)
CVSS情報
N/A
ソース: CNNVD (China National Vulnerability Database)
脆弱性タイプ
N/A
ソース: CNNVD (China National Vulnerability Database)

影響を受ける製品

ベンダープロダクト影響を受けるバージョンCPE購読
LinuxLinux f24c4d478013d82bd1b943df566fff3561d52864 ~ 22022cd8851703a58f67615a17bc7e9e8682785b -
LinuxLinux 4.15 -

II. CVE-2026-53047の公開POC

#POC説明ソースリンクShenlongリンク
AI生成POCプレミアム

公開POCは見つかりませんでした。

ログインしてAI POCを生成

III. CVE-2026-53047のインテリジェンス情報

登录查看更多情报信息。

CVE-2026-53047 补丁与修复 (8)

Same Patch Batch · Linux · 2026-06-24 · 219 CVEs total

CVE-2026-529829.8 CRITICALnet: usb: rtl8150: fix use-after-free in rtl8150_start_xmit()
CVE-2026-530469.8 CRITICALksmbd: fix use-after-free from async crypto on Qualcomm crypto engine
CVE-2026-529559.8 CRITICALlibceph: Fix potential out-of-bounds access in crush_decode()
CVE-2026-530459.8 CRITICALmemory: tegra124-emc: Fix dll_change check
CVE-2026-530499.8 CRITICALgfs2: add some missing log locking
CVE-2026-530109.8 CRITICALksmbd: fix use-after-free in smb2_open during durable reconnect
CVE-2026-530889.8 CRITICALnet: bcmgenet: fix off-by-one in bcmgenet_put_txcb
CVE-2026-530069.8 CRITICALipv6: fix possible UAF in icmpv6_rcv()
CVE-2026-530559.8 CRITICALcrypto: hisilicon/sec2 - prevent req used-after-free for sec
CVE-2026-530029.8 CRITICALnetfilter: conntrack: remove sprintf usage
CVE-2026-530869.8 CRITICALnet: bcmgenet: fix racing timeout handler
CVE-2026-529149.8 CRITICALbatman-adv: fix fragment reassembly length accounting
CVE-2026-529939.8 CRITICALtipc: fix double-free in tipc_buf_append()
CVE-2026-529319.8 CRITICALbatman-adv: tp_meter: avoid use of uninit sender vars
CVE-2026-529899.8 CRITICALnvmet-tcp: propagate nvmet_tcp_build_pdu_iovec() errors to its callers
CVE-2026-529249.8 CRITICALsctp: purge outqueue on stale COOKIE-ECHO handling
CVE-2026-529869.8 CRITICALnetfilter: nf_conntrack_sip: don't use simple_strtoul
CVE-2026-529999.1 CRITICALnetfilter: nfnetlink_osf: fix out-of-bounds read on option matching
CVE-2026-529589.1 CRITICALlibceph: Fix potential out-of-bounds access in osdmap_decode()
CVE-2026-530439.1 CRITICALocfs2/dlm: validate qr_numregions in dlm_match_regions()

Showing 20 of 219 CVEs. View all on vendor page →

IV. 関連脆弱性

V. CVE-2026-53047へのコメント

まだコメントはありません


コメントを残す