CVE-2024-43821

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix a possible null pointer dereference In function lpfc_xcvr_data_show, the memory allocation with kmalloc might fail, thereby making rdp_context a null pointer. In the following context and functions that use this pointer, there are dereferencing operations, leading to null pointer dereference. To fix this issue, a null pointer check should be added. If it is null, use scnprintf to notify the user and return len.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

History

03 Sep 2024, 17:49

Type Values Removed Values Added
First Time Linux linux Kernel
Linux
References () https://git.kernel.org/stable/c/45b2a23e00d448a9e6d1f371ca3a4d4b073fe78c - () https://git.kernel.org/stable/c/45b2a23e00d448a9e6d1f371ca3a4d4b073fe78c - Patch
References () https://git.kernel.org/stable/c/57600a7dd2b52c904f7c8d2cac0fd8c23868e680 - () https://git.kernel.org/stable/c/57600a7dd2b52c904f7c8d2cac0fd8c23868e680 - Patch
References () https://git.kernel.org/stable/c/5e0bf3e8aec2cbc51123f84b29aaacbd91fc56fa - () https://git.kernel.org/stable/c/5e0bf3e8aec2cbc51123f84b29aaacbd91fc56fa - Patch
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.5
CWE CWE-476
CPE cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

19 Aug 2024, 12:59

Type Values Removed Values Added
Summary
  • (es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: scsi: lpfc: corrige una posible desreferencia de puntero nulo En la función lpfc_xcvr_data_show, la asignación de memoria con kmalloc podría fallar, convirtiendo así a rdp_context en un puntero nulo. En el siguiente contexto y funciones que utilizan este puntero, hay operaciones de desreferenciación que conducen a una desreferencia del puntero nulo. Para solucionar este problema, se debe agregar una verificación de puntero nulo. Si es nulo, use scnprintf para notificar al usuario y devolver len.

17 Aug 2024, 10:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-08-17 10:15

Updated : 2024-09-03 17:49


NVD link : CVE-2024-43821

Mitre link : CVE-2024-43821

CVE.ORG link : CVE-2024-43821


JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-476

NULL Pointer Dereference