In the Linux kernel, the following vulnerability has been resolved:
mctp i2c: handle NULL header address
daddr can be NULL if there is no neighbour table entry present, in that case the tx packet should be dropped.
saddr will usually be set by MCTP core, but check for NULL in case a packet is transmitted by a different protocol.
[ { "signature_type": "Function", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4707893315802a0917231b94cb20cbe50ccbfe03", "signature_version": "v1", "target": { "function": "mctp_i2c_header_create", "file": "drivers/net/mctp/mctp-i2c.c" }, "digest": { "function_hash": "339334918897114478814937603296121326986", "length": 652.0 }, "id": "CVE-2024-53043-0d82ff50" }, { "signature_type": "Line", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8e886e44397ba89f6e8da8471386112b4f5b67b7", "signature_version": "v1", "target": { "file": "drivers/net/mctp/mctp-i2c.c" }, "digest": { "threshold": 0.9, "line_hashes": [ "195659149040981807560980314675467949112", "117905206441425491695095996378228730132", "90523687357892036799951706178926748481" ] }, "id": "CVE-2024-53043-10d6a482" }, { "signature_type": "Function", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8c222adadc1612e4f097688875962a28e3f5ab44", "signature_version": "v1", "target": { "function": "mctp_i2c_header_create", "file": "drivers/net/mctp/mctp-i2c.c" }, "digest": { "function_hash": "339334918897114478814937603296121326986", "length": 652.0 }, "id": "CVE-2024-53043-1a01f77e" }, { "signature_type": "Line", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4707893315802a0917231b94cb20cbe50ccbfe03", "signature_version": "v1", "target": { "file": "drivers/net/mctp/mctp-i2c.c" }, "digest": { "threshold": 0.9, "line_hashes": [ "195659149040981807560980314675467949112", "117905206441425491695095996378228730132", "90523687357892036799951706178926748481" ] }, "id": "CVE-2024-53043-2a3c27d7" }, { "signature_type": "Line", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8c222adadc1612e4f097688875962a28e3f5ab44", "signature_version": "v1", "target": { "file": "drivers/net/mctp/mctp-i2c.c" }, "digest": { "threshold": 0.9, "line_hashes": [ "195659149040981807560980314675467949112", "117905206441425491695095996378228730132", "90523687357892036799951706178926748481" ] }, "id": "CVE-2024-53043-3b6209d6" }, { "signature_type": "Function", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8e886e44397ba89f6e8da8471386112b4f5b67b7", "signature_version": "v1", "target": { "function": "mctp_i2c_header_create", "file": "drivers/net/mctp/mctp-i2c.c" }, "digest": { "function_hash": "339334918897114478814937603296121326986", "length": 652.0 }, "id": "CVE-2024-53043-7a1ec80a" }, { "signature_type": "Line", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@01e215975fd80af81b5b79f009d49ddd35976c13", "signature_version": "v1", "target": { "file": "drivers/net/mctp/mctp-i2c.c" }, "digest": { "threshold": 0.9, "line_hashes": [ "195659149040981807560980314675467949112", "117905206441425491695095996378228730132", "90523687357892036799951706178926748481" ] }, "id": "CVE-2024-53043-a17b7650" }, { "signature_type": "Function", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@01e215975fd80af81b5b79f009d49ddd35976c13", "signature_version": "v1", "target": { "function": "mctp_i2c_header_create", "file": "drivers/net/mctp/mctp-i2c.c" }, "digest": { "function_hash": "339334918897114478814937603296121326986", "length": 652.0 }, "id": "CVE-2024-53043-c89bf2e0" } ]