In the Linux kernel, the following vulnerability has been resolved: be2net: Fix NULL pointer dereference in be_cmd_get_mac_from_list When the parameter pmac_id_valid argument of be_cmd_get_mac_from_list() is set to false, the driver may request the PMAC_ID from the firmware of the network card, and this function will store that PMAC_ID at the provided address pmac_id. This is the contract of this function. However, there is a location within the driver where both pmac_id_valid == false and pmac_id == NULL are being passed. This could result in dereferencing a NULL pointer. To resolve this issue, it is necessary to pass the address of a stub variable to the function.
En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta: be2net: Corrección de desreferencia de puntero NULL en be_cmd_get_mac_from_list Cuando el argumento del parámetro pmac_id_valid de be_cmd_get_mac_from_list() se establece en falso, el controlador puede solicitar el PMAC_ID del firmware de la tarjeta de red, y esta función almacenará ese PMAC_ID en la dirección pmac_id proporcionada. Este es el contrato de esta función. Sin embargo, existe una ubicación dentro del controlador donde se están pasando tanto pmac_id_valid == false como pmac_id == NULL. Esto podría resultar en la desreferencia de un puntero NULL. Para resolver este problema, es necesario pasar la dirección de una variable auxiliar a la función.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
| Attack Vector | LOCAL |
|---|---|
| Attack Complexity | LOW |
| Privileges Required | LOW |
| User Interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality Impact | NONE |
| Integrity Impact | NONE |
| Availability Impact | HIGH |
| Source | Type | Description |
|---|---|---|
| [email protected] | Primary |
en
CWE-476
|
| Vendor | Product | Version | Update | Type |
|---|---|---|---|---|
| linux | linux_kernel | * | <built-in method update of dict object at 0x702b70377f40> | Operating System |
| linux | linux_kernel | * | <built-in method update of dict object at 0x702bcc9b0cc0> | Operating System |
| linux | linux_kernel | * | <built-in method update of dict object at 0x702b70376d00> | Operating System |
| linux | linux_kernel | * | <built-in method update of dict object at 0x702bfc3c4100> | Operating System |
| linux | linux_kernel | * | <built-in method update of dict object at 0x702b70374280> | Operating System |
| linux | linux_kernel | * | <built-in method update of dict object at 0x702bfc130700> | Operating System |
| linux | linux_kernel | 6.19 | <built-in method update of dict object at 0x702bde1653c0> | Operating System |
| linux | linux_kernel | 6.19 | <built-in method update of dict object at 0x702b70377a80> | Operating System |
| linux | linux_kernel | 6.19 | <built-in method update of dict object at 0x702b70376400> | Operating System |
| linux | linux_kernel | 6.19 | <built-in method update of dict object at 0x702b70375b40> | Operating System |
| linux | linux_kernel | 6.19 | <built-in method update of dict object at 0x702bfc2a4600> | Operating System |
| linux | linux_kernel | 6.19 | <built-in method update of dict object at 0x702bcc9b0880> | Operating System |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:6.19:rc1:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:6.19:rc2:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:6.19:rc3:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:6.19:rc4:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:6.19:rc5:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:6.19:rc6:*:*:*:*:*:* |