摘要:
In the Linux kernel, the following vulnerability has been resolved:
gpiolib: Fix potential NULL pointer dereference in gpiod_get_label()
In `gpiod_get_label()`, it is possible that `srcu_dereference_check()` may
return a NULL pointer, leading to a scenario where `label->str` is accessed
without verifying if `label` itself is NULL.
This patch adds a proper NULL check for `label` before accessing
`label->str`. The check for `label->str != NULL` is removed because
`label->str` can never be NULL if `label` is not NULL.
This fixes the issue where the label name was being printed as `(efault)`
when dumping the sysfs GPIO file when `label == NULL`.
安全等级: Low
公告ID: KylinSec-SA-2024-4252
发布日期: 2024年12月8日
关联CVE: CVE-2024-49941
In the Linux kernel, the following vulnerability has been resolved:
gpiolib: Fix potential NULL pointer dereference in gpiod_get_label()
In `gpiod_get_label()`, it is possible that `srcu_dereference_check()` may
return a NULL pointer, leading to a scenario where `label->str` is accessed
without verifying if `label` itself is NULL.
This patch adds a proper NULL check for `label` before accessing
`label->str`. The check for `label->str != NULL` is removed because
`label->str` can never be NULL if `label` is not NULL.
This fixes the issue where the label name was being printed as `(efault)`
when dumping the sysfs GPIO file when `label == NULL`.
| cve名称 | 产品 | 组件 | 是否受影响 |
|---|---|---|---|
| CVE-2024-49941 | KY3.4-5 | kernel | Unaffected |
| CVE-2024-49941 | KY3.5.3 | kernel | Unaffected |
| CVE-2024-49941 | V6 | kernel | Unaffected |
