In the Linux kernel, the following vulnerability has been resolved:
bpftool: Fix undefined behavior in qsort(NULL, 0, ...)
When netfilter has no entry to display, qsort is called with qsort(NULL, 0, ...). This results in undefined behavior, as UBSan reports:
net.c:827:2: runtime error: null pointer passed as argument 1, which is declared to never be null
Although the C standard does not explicitly state whether calling qsort with a NULL pointer when the size is 0 constitutes undefined behavior, Section 7.1.4 of the C standard (Use of library functions) mentions:
"Each of the following statements applies unless explicitly stated otherwise in the detailed descriptions that follow: If an argument to a function has an invalid value (such as a value outside the domain of the function, or a pointer outside the address space of the program, or a null pointer, or a pointer to non-modifiable storage when the corresponding parameter is not const-qualified) or a type (after promotion) not expected by a function with variable number of arguments, the behavior is undefined."
To avoid this, add an early return when nflinkinfo is NULL to prevent calling qsort with a NULL pointer.
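The guard described above, shown as an added example that is not bpftool's own code. The names hook_entry, hook_append and hook_sort are hypothetical, and the array is assumed to stay NULL when nothing is collected, which is the case the early return covers.

```c
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical record type standing in for the per-link info being listed. */
struct hook_entry { int hooknum; int priority; };

static int hook_cmp(const void *a, const void *b)
{
    const struct hook_entry *x = a, *y = b;
    if (x->hooknum != y->hooknum)
        return x->hooknum < y->hooknum ? -1 : 1;
    return (x->priority > y->priority) - (x->priority < y->priority);
}

/* Append one entry, growing the array; *list stays NULL until the first append. */
int hook_append(struct hook_entry **list, size_t *count, int hooknum, int priority)
{
    struct hook_entry *tmp = realloc(*list, (*count + 1) * sizeof(**list));
    if (!tmp)
        return -1;
    tmp[*count] = (struct hook_entry){ hooknum, priority };
    *list = tmp;
    (*count)++;
    return 0;
}

/* Sort the entries and return how many were sorted. With no entries the
 * array pointer is still NULL, so return before qsort() can receive it. */
size_t hook_sort(struct hook_entry *list, size_t count)
{
    if (!list || count == 0)
        return 0;               /* early return instead of qsort(NULL, 0, ...) */
    qsort(list, count, sizeof(*list), hook_cmp);
    return count;
}

int main(void)
{
    struct hook_entry *list = NULL;   /* constructed sample data below */
    size_t count = 0, n;

    printf("empty list: sorted %zu entries\n", hook_sort(list, count));
    hook_append(&list, &count, 3, 10);
    hook_append(&list, &count, 1, -5);
    hook_append(&list, &count, 1, -100);
    n = hook_sort(list, count);
    printf("sorted %zu, first: hook %d prio %d\n", n, list[0].hooknum, list[0].priority);
    free(list);
    return 0;
}
```

The empty-list call is the path that matters: without the guard, a NULL array with a count of 0 would be handed straight to qsort.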