Описание
In the Linux kernel, the following vulnerability has been resolved:
ipv4: fix null-deref in ipv4_link_failure
Currently, we assume the skb is associated with a device before calling __ip_options_compile, which is not always the case if it is re-routed by ipvs. When skb->dev is NULL, dev_net(skb->dev) will become null-dereference. This patch adds a check for the edge case and switch to use the net_device from the rtable when skb->dev is NULL.
In the Linux kernel, the following vulnerability has been resolved:
ipv4: fix null-deref in ipv4_link_failure
Currently, we assume the skb is associated with a device before calling __ip_options_compile, which is not always the case if it is re-routed by ipvs. When skb->dev is NULL, dev_net(skb->dev) will become null-dereference. This patch adds a check for the edge case and switch to use the net_device from the rtable when skb->dev is NULL.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2023-52579
- https://git.kernel.org/stable/c/0113d9c9d1ccc07f5a3710dac4aa24b6d711278c
- https://git.kernel.org/stable/c/084c7ac9e8d60bf21a423490021b7c3427312955
- https://git.kernel.org/stable/c/2712545e535d7a2e4c53b9c9658a9c88c6055862
- https://git.kernel.org/stable/c/810fd23d9715474aa27997584e8fc9396ef3cb67
- https://git.kernel.org/stable/c/8689c9ace976d6c078e6dc844b09598796e84099
- https://git.kernel.org/stable/c/8860d354f653628b6330e1c5b06b2828948135a4
- https://git.kernel.org/stable/c/a2cf7bd75b3992e8df68dd5fdc6499b67d45f6e0
- https://git.kernel.org/stable/c/cda20fcddf53f0f959641c8ef4d50ab87ffa5124
CVE ID
Связанные уязвимости
A flaw was found in the Linux Kernel's ipv4: fix null-deref in ipv4_link_failure.
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.