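I. CVE-2025-71130 basic information
Vulnerability information
# i915_gem_do_execbuffer eb.vma array zero-initialization vulnerability

N/A

Shenlong assessment

Web-class vulnerability: unknown

Rationale:

N/A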
Vulnerability title
drm/i915/gem: Zero-initialize the eb.vma array in i915_gem_do_execbuffer
Source: U.S. National Vulnerability Database (NVD)
Vulnerability description
In the Linux kernel, the following vulnerability has been resolved:

drm/i915/gem: Zero-initialize the eb.vma array in i915_gem_do_execbuffer

Initialize the eb.vma array with values of 0 when the eb structure is first set up. In particular, this sets the eb->vma[i].vma pointers to NULL, simplifying cleanup and getting rid of the bug described below.

During the execution of eb_lookup_vmas(), the eb->vma array is successively filled up with struct eb_vma objects. This process includes calling eb_add_vma(), which might fail; however, even in the event of failure, eb->vma[i].vma is set for the currently processed buffer. If eb_add_vma() fails, eb_lookup_vmas() returns with an error, which prompts a call to eb_release_vmas() to clean up the mess. Since eb_lookup_vmas() might fail during processing any (possibly not first) buffer, eb_release_vmas() checks whether a buffer's vma is NULL to know at what point did the lookup function fail.

In eb_lookup_vmas(), eb->vma[i].vma is set to NULL if either the helper function eb_lookup_vma() or eb_validate_vma() fails. eb->vma[i+1].vma is set to NULL in case i915_gem_object_userptr_submit_init() fails; the current one needs to be cleaned up by eb_release_vmas() at this point, so the next one is set.

If eb_add_vma() fails, neither the current nor the next vma is set to NULL, which is a source of a NULL deref bug described in the issue linked in the Closes tag.

When entering eb_lookup_vmas(), the vma pointers are set to the slab poison value, instead of NULL. This doesn't matter for the actual lookup, since it gets overwritten anyway, however the eb_release_vmas() function only recognizes NULL as the stopping value, hence the pointers are being set to NULL as they go in case of intermediate failure. This patch changes the approach to filling them all with NULL at the start instead, rather than handling that manually during failure.

(cherry picked from commit 08889b706d4f0b8d2352b7ca29c2d8df4d0787cd)
Source: U.S. National Vulnerability Database (NVD)
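A simplified user-space model of the cleanup pattern the description explains, added here as an illustration; it is not the kernel's or the patch's code. The names `lookup`, `release` and `run`, the 0x6b fill byte and the four-buffer count are assumptions made for the model.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define POISON 0x6b /* assumed stand-in byte for the slab poison pattern */
#define NBUF 4      /* constructed buffer count */
struct vma { int id; };
struct eb_vma { struct vma *vma; };

/* Fill slots in order. fail_at simulates the add step failing on that buffer:
 * the current slot is already set and no NULL is written to later slots. */
static int lookup(struct eb_vma *ev, struct vma *objs, size_t fail_at)
{
    for (size_t i = 0; i < NBUF; i++) {
        ev[i].vma = &objs[i];
        if (i == fail_at) return -1;
    }
    return 0;
}

/* Cleanup stops at the first NULL slot. Returns how many slots it walked
 * that lookup never filled; the real cleanup would dereference those. */
static size_t release(const struct eb_vma *ev, const struct vma *objs)
{
    size_t stale = 0;
    for (size_t i = 0; i < NBUF && ev[i].vma; i++)
        if (ev[i].vma != &objs[i])
            stale++;
    return stale;
}

/* zero_init = 0 models the pre-fix array, 1 the zero-initialized one. */
static size_t run(int zero_init, size_t fail_at)
{
    struct vma objs[NBUF] = {{0}};
    struct eb_vma *ev = malloc(NBUF * sizeof(*ev));
    if (!ev) abort();
    memset(ev, zero_init ? 0 : POISON, NBUF * sizeof(*ev));
    lookup(ev, objs, fail_at);
    size_t stale = release(ev, objs);
    free(ev);
    return stale;
}

int main(void)
{
    printf("poisoned: %zu stale, zeroed: %zu stale\n", run(0, 1), run(1, 1));
    return 0;
}
```

With the array zeroed up front, the cleanup walk ends at the first slot the lookup never reached, whichever step failed.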
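CVSS information
N/A
Source: U.S. National Vulnerability Database (NVD)
Vulnerability category
N/A
Source: U.S. National Vulnerability Database (NVD)
Vulnerability title
Linux kernel security vulnerability
Source: China National Vulnerability Database of Information Security (CNNVD)
Vulnerability description
Linux kernel is the kernel used by Linux, the open-source operating system of the Linux Foundation (USA). The Linux kernel has a security vulnerability that stems from an uninitialized array and may lead to incorrect cleanup logic.
Source: China National Vulnerability Database of Information Security (CNNVD)
CVSS information
N/A
Source: China National Vulnerability Database of Information Security (CNNVD)
Vulnerability category
Other
Source: China National Vulnerability Database of Information Security (CNNVD)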
II. Public POCs for CVE-2025-71130
# | POC description | Source link | Shenlong link
III. Intelligence on CVE-2025-71130
  • https://nvd.nist.gov/vuln/detail/CVE-2025-71130