发布时间: 2024年6月7日
修改时间: 2025年4月13日
In the Linux kernel, the following vulnerability has been resolved:net/smc: Fix NULL pointer dereferencing in smc_vlan_by_tcpsk()Coverity reports a possible NULL dereferencing problem:in smc_vlan_by_tcpsk():6. returned_null: netdev_lower_get_next returns NULL (checked 29 out of 30 times).7. var_assigned: Assigning: ndev = NULL return value from netdev_lower_get_next.1623 ndev = (struct net_device *)netdev_lower_get_next(ndev, &lower);CID 1468509 (#1 of 1): Dereference null return value (NULL_RETURNS)8. dereference: Dereferencing a pointer that might be NULL ndev when calling is_vlan_dev.1624 if (is_vlan_dev(ndev)) {Remove the manual implementation and use netdev_walk_all_lower_dev() toiterate over the lower devices. While on it remove an obsolete functionparameter comment.
| NVD | openEuler | |
|---|---|---|
| Confidentiality | None | None |
| Attack Vector | Local | Local |
| CVSS评分 | 5.5 | 5.5 |
| Attack Complexity | Low | Low |
| Privileges Required | Low | Low |
| Scope | Unchanged | Unchanged |
| Integrity | None | None |
| User Interaction | None | None |
| Availability | High | High |
| 公告名 | 概要 | 发布时间 |
|---|---|---|
| KylinSec-SA-2024-4779 | kernel security update | 2024年6月7日 |
| 产品 | 包 | 状态 |
|---|---|---|
| KY3.4-5A | kernel | Fixed |
| KY3.5.2 | kernel | Unaffected |
| V6 | kernel | Unaffected |
