CVE-2024-50062

In the Linux kernel, the following vulnerability has been resolved: RDMA/rtrs-srv: Avoid null pointer deref during path establishment For RTRS path establishment, RTRS client initiates and completes con_num of connections. After establishing all its connections, the information is exchanged between the client and server through the info_req message. During this exchange, it is essential that all connections have been established, and the state of the RTRS srv path is CONNECTED. So add these sanity checks, to make sure we detect and abort process in error scenarios to avoid null pointer deref.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

History

23 Oct 2024, 21:48

Type Values Removed Values Added
CPE cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.5
CWE CWE-476
First Time Linux linux Kernel
Linux
References () https://git.kernel.org/stable/c/394b2f4d5e014820455af3eb5859eb328eaafcfd - () https://git.kernel.org/stable/c/394b2f4d5e014820455af3eb5859eb328eaafcfd - Patch
References () https://git.kernel.org/stable/c/b5d4076664465487a9a3d226756995b12fb73d71 - () https://git.kernel.org/stable/c/b5d4076664465487a9a3d226756995b12fb73d71 - Patch
References () https://git.kernel.org/stable/c/b720792d7e8515bc695752e0ed5884e2ea34d12a - () https://git.kernel.org/stable/c/b720792d7e8515bc695752e0ed5884e2ea34d12a - Patch
References () https://git.kernel.org/stable/c/ccb8e44ae3e2391235f80ffc6be59bec6b889ead - () https://git.kernel.org/stable/c/ccb8e44ae3e2391235f80ffc6be59bec6b889ead - Patch
References () https://git.kernel.org/stable/c/d0e62bf7b575fbfe591f6f570e7595dd60a2f5eb - () https://git.kernel.org/stable/c/d0e62bf7b575fbfe591f6f570e7595dd60a2f5eb - Patch

23 Oct 2024, 15:12

Type Values Removed Values Added
Summary
  • (es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: RDMA/rtrs-srv: Evitar la desreferencia de puntero nulo durante el establecimiento de la ruta Para el establecimiento de la ruta RTRS, el cliente RTRS inicia y completa con_num de conexiones. Después de establecer todas sus conexiones, la información se intercambia entre el cliente y el servidor a través del mensaje info_req. Durante este intercambio, es esencial que se hayan establecido todas las conexiones y que el estado de la ruta RTRS srv sea CONECTADO. Por lo tanto, agregue estas comprobaciones de cordura para asegurarnos de detectar y abortar el proceso en escenarios de error para evitar la desreferencia de puntero nulo.

21 Oct 2024, 20:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-10-21 20:15

Updated : 2024-10-23 21:48


NVD link : CVE-2024-50062

Mitre link : CVE-2024-50062

CVE.ORG link : CVE-2024-50062


JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-476

NULL Pointer Dereference