CVE-2024-43836

Fix a possible null dereference when a PSE supports both c33 and PoDL, but only one of the netlink attributes is specified. The c33 or PoDL PSE capabilities are already validated in the ethnlsetpse_validate() call.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

4d18e3ddf427d93a2895a1c9d61477e1f1726cad

Fixed

e187690b125a297499eadeec53c32c5ed6d7436a

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

4d18e3ddf427d93a2895a1c9d61477e1f1726cad

Fixed

4cddb0f15ea9c62f81b4889ea69a99368cc63a86

Affected versions

v6.*

v6.10

v6.10-rc1

v6.10-rc2

v6.10-rc3

v6.10-rc4

v6.10-rc5

v6.10-rc6

v6.10-rc7

v6.10.1

v6.10.2

v6.9

v6.9-rc5

v6.9-rc6

v6.9-rc7

Database specific

vanir_signatures

[
    {
        "digest": {
            "function_hash": "253155944046209500365311274876967711133",
            "length": 492.0
        },
        "signature_type": "Function",
        "target": {
            "function": "ethnl_set_pse",
            "file": "net/ethtool/pse-pd.c"
        },
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e187690b125a297499eadeec53c32c5ed6d7436a",
        "id": "CVE-2024-43836-14c78434"
    },
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "869197137996689532975026059615576676",
                "228520405852849935126525719207419325148",
                "79261099311902632434779832520811512785",
                "242819886654854661219180761980939851150",
                "190798276733854587382257922745021504785",
                "287809410663528053012103751854774193535"
            ]
        },
        "signature_type": "Line",
        "target": {
            "file": "net/ethtool/pse-pd.c"
        },
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e187690b125a297499eadeec53c32c5ed6d7436a",
        "id": "CVE-2024-43836-32072b59"
    },
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "869197137996689532975026059615576676",
                "228520405852849935126525719207419325148",
                "79261099311902632434779832520811512785",
                "242819886654854661219180761980939851150",
                "190798276733854587382257922745021504785",
                "287809410663528053012103751854774193535"
            ]
        },
        "signature_type": "Line",
        "target": {
            "file": "net/ethtool/pse-pd.c"
        },
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4cddb0f15ea9c62f81b4889ea69a99368cc63a86",
        "id": "CVE-2024-43836-3e2023a1"
    },
    {
        "digest": {
            "function_hash": "253155944046209500365311274876967711133",
            "length": 492.0
        },
        "signature_type": "Function",
        "target": {
            "function": "ethnl_set_pse",
            "file": "net/ethtool/pse-pd.c"
        },
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4cddb0f15ea9c62f81b4889ea69a99368cc63a86",
        "id": "CVE-2024-43836-edb32c0e"
    }
]

CVE-2024-43836

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Affected versions

v6.*

Database specific

vanir_signatures

Linux / Kernel

Package

Affected ranges