Описание
In the Linux kernel, the following vulnerability has been resolved:
nfs: fix possible null-ptr-deref when parsing param
According to commit "vfs: parse: deal with zero length string value", kernel will set the param->string to null pointer in vfs_parse_fs_string() if fs string has zero length.
Yet the problem is that, nfs_fs_context_parse_param() will dereferences the param->string, without checking whether it is a null pointer, which may trigger a null-ptr-deref bug.
This patch solves it by adding sanity check on param->string in nfs_fs_context_parse_param().
In the Linux kernel, the following vulnerability has been resolved:
nfs: fix possible null-ptr-deref when parsing param
According to commit "vfs: parse: deal with zero length string value", kernel will set the param->string to null pointer in vfs_parse_fs_string() if fs string has zero length.
Yet the problem is that, nfs_fs_context_parse_param() will dereferences the param->string, without checking whether it is a null pointer, which may trigger a null-ptr-deref bug.
This patch solves it by adding sanity check on param->string in nfs_fs_context_parse_param().
CVE ID
Связанные уязвимости
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.