Linux · Linux Kernel · CVE-2024-47697
**Name of the Vulnerable Software and Affected Versions**
Linux kernel versions prior to 6.6.58
**Description**
The issue is an out-of-bounds write in the `rtl2830_pid_filter` function of the Linux kernel's `dvb-frontends/rtl2830` module. It occurs when the index exceeds 31: the function then attempts to access a non-existent 33rd bit, which is an out-of-bounds access. The `dev->filters` value is 32 bits wide, so the `set_bit` and `clear_bit` functions should only operate on indices from 0 to 31. The vulnerability can be exploited to impact the confidentiality, integrity, and availability of protected information.
**Recommendations**
To resolve this issue, update the Linux kernel to version 6.6.58 or later. As a temporary workaround, consider changing the boundary check in the `rtl2830_pid_filter` function from `index > 32` to `index >= 32` to prevent out-of-bounds access. Until the issue is resolved, restrict access to the `dvb-frontends/rtl2830` module to minimize the risk of exploitation.
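The following user-space model is an added example, not code from the kernel driver. It shows why the `index > 32` check lets index 32 reach the word after a 32-bit bitmap and why `index >= 32` stops it. The names `model_dev`, `model_assign_bit`, `pid_filter_old`, `pid_filter_fixed` and `state_after`, the two-word layout and the return convention are assumptions made for the illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed model, not driver code: words[0] stands in for the 32-bit
 * dev->filters, words[1] for whatever memory follows it. */
struct model_dev { uint32_t words[2]; };
typedef int (*filter_fn)(struct model_dev *, unsigned int, int);

/* Like set_bit/clear_bit, this helper trusts the caller's bit number. */
static void model_assign_bit(uint32_t *map, unsigned int nr, int on)
{
    uint32_t mask = UINT32_C(1) << (nr % 32);
    map[nr / 32] = on ? (map[nr / 32] | mask) : (map[nr / 32] & ~mask);
}

/* Check as described for affected kernels: index 32 is let through.
 * Return convention (0 applied, -1 rejected) is this model's own. */
static int pid_filter_old(struct model_dev *d, unsigned int index, int on)
{
    if (index > 32)
        return -1;
    model_assign_bit(d->words, index, on);
    return 0;
}

/* Corrected check: only indices 0..31 reach the bitmap. */
static int pid_filter_fixed(struct model_dev *d, unsigned int index, int on)
{
    if (index >= 32)
        return -1;
    model_assign_bit(d->words, index, on);
    return 0;
}

/* Enable one slot on a zeroed device; return neighbour:filters as 64 bits. */
static uint64_t state_after(filter_fn check, unsigned int index)
{
    struct model_dev d = { {0, 0} };
    check(&d, index, 1);
    return ((uint64_t)d.words[1] << 32) | d.words[0];
}

int main(void)
{
    for (unsigned int i = 31; i <= 32; i++)
        printf("index %u: old=%#llx fixed=%#llx\n", i,
               (unsigned long long)state_after(pid_filter_old, i),
               (unsigned long long)state_after(pid_filter_fixed, i));
    return 0;
}
```

With the old check, index 32 leaves `filters` untouched and sets a bit in the neighbouring word, which is the out-of-bounds write the advisory describes.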