In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: handle hdr_first_de() return value The hdr_first_de() function returns a pointer to a struct NTFS_DE. This pointer may be NULL. To handle the NULL error effectively, it is important to implement an error handler. This will help manage potential errors consistently. Additionally, error handling for the return value already exists at other points where this function is called. Found by Linux Verification Center (linuxtesting.org) with SVACE.
En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: fs/ntfs3: manejo del valor de retorno de hdr_first_de(). La función hdr_first_de() devuelve un puntero a una estructura NTFS_DE. Este puntero puede ser NULL. Para gestionar eficazmente el error NULL, es importante implementar un gestor de errores. Esto ayudará a gestionar los posibles errores de forma coherente. Además, ya existe un gestor de errores para el valor de retorno en otros puntos donde se llama a esta función. Encontrado por el Centro de Verificación de Linux (linuxtesting.org) con SVACE.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
| Attack Vector | LOCAL |
|---|---|
| Attack Complexity | LOW |
| Privileges Required | LOW |
| User Interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality Impact | NONE |
| Integrity Impact | NONE |
| Availability Impact | HIGH |
| Source | Type | Description |
|---|---|---|
| [email protected] | Primary |
en
CWE-476
|
| Vendor | Product | Version | Update | Type |
|---|---|---|---|---|
| linux | linux_kernel | * | <built-in method update of dict object at 0x702bdc50e8c0> | Operating System |
| linux | linux_kernel | * | <built-in method update of dict object at 0x702bdcf69040> | Operating System |
| linux | linux_kernel | * | <built-in method update of dict object at 0x702bdcf6a1c0> | Operating System |
| linux | linux_kernel | * | <built-in method update of dict object at 0x702bdcf69c00> | Operating System |
| linux | linux_kernel | * | <built-in method update of dict object at 0x702bdc50f800> | Operating System |
| debian | debian_linux | 11.0 | <built-in method update of dict object at 0x702bdc50c640> | Operating System |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:* |