[SRU][F/J][PATCH 0/1] CVE-2024-26595
Jian Hui Lee
jianhui.lee at canonical.com
Thu Nov 14 05:53:35 UTC 2024
[Impact]
mlxsw: spectrum_acl_tcam: Fix NULL Pointer dereference in error path
When calling mlxsw_sp_acl_tcam_region_destroy() from an error path after
failing to attach the region to an ACL group, we hit a NULL pointer
dereference.
Fix by retrieving the 'tcam' pointer using mlxsw_sp_acl_to_tcam().
[Fix]
noble: not affected
jammy: backported from linux-stable
focal: backported from linux-stable
bionic: backported from linux-stable. sent to esm
xenial: not affected
[Test Case]
Compile and boot tested.
[Where problems could occur]
The fix affects mellanox ethernet switch driver. An issue with this fix
may lead to kernel crashes or system instability after destroying tcam
region.
Ido Schimmel (1):
mlxsw: spectrum_acl_tcam: Fix NULL pointer dereference in error path
drivers/net/ethernet/mellanox/mlxsw/spectrum.h | 1 +
drivers/net/ethernet/mellanox/mlxsw/spectrum_acl.c | 5 +++++
drivers/net/ethernet/mellanox/mlxsw/spectrum_acl_tcam.c | 4 ++--
3 files changed, 8 insertions(+), 2 deletions(-)
--
2.43.0
More information about the kernel-team
mailing list