Количество 3
Количество 3
CVE-2023-52579
A flaw was found in the Linux Kernel's ipv4: fix null-deref in ipv4_link_failure.
CVE-2023-52579
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
GHSA-jgvw-q27w-5hcm
In the Linux kernel, the following vulnerability has been resolved: ipv4: fix null-deref in ipv4_link_failure Currently, we assume the skb is associated with a device before calling __ip_options_compile, which is not always the case if it is re-routed by ipvs. When skb->dev is NULL, dev_net(skb->dev) will become null-dereference. This patch adds a check for the edge case and switch to use the net_device from the rtable when skb->dev is NULL.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-52579 A flaw was found in the Linux Kernel's ipv4: fix null-deref in ipv4_link_failure. | почти 2 года назад | ||
 | CVE-2023-52579 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | почти 2 года назад | ||
| GHSA-jgvw-q27w-5hcm In the Linux kernel, the following vulnerability has been resolved: ipv4: fix null-deref in ipv4_link_failure Currently, we assume the skb is associated with a device before calling __ip_options_compile, which is not always the case if it is re-routed by ipvs. When skb->dev is NULL, dev_net(skb->dev) will become null-dereference. This patch adds a check for the edge case and switch to use the net_device from the rtable when skb->dev is NULL. | почти 2 года назад |
Уязвимостей на страницу