{ "containers": { "cna": { "providerMetadata": { "orgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038" }, "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv4: fix null-deref in ipv4_link_failure\n\nCurrently, we assume the skb is associated with a device before calling\n__ip_options_compile, which is not always the case if it is re-routed by\nipvs.\nWhen skb->dev is NULL, dev_net(skb->dev) will become null-dereference.\nThis patch adds a check for the edge case and switch to use the net_device\nfrom the rtable when skb->dev is NULL." } ], "affected": [ { "product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "versions": [ { "version": "0a7e8300b7f4", "lessThan": "084c7ac9e8d6", "status": "affected", "versionType": "git" }, { "version": "7ba5ec69e1a7", "lessThan": "a2cf7bd75b39", "status": "affected", "versionType": "git" }, { "version": "ed0de45a1008", "lessThan": "810fd23d9715", "status": "affected", "versionType": "git" }, { "version": "ed0de45a1008", "lessThan": "8689c9ace976", "status": "affected", "versionType": "git" }, { "version": "ed0de45a1008", "lessThan": "8860d354f653", "status": "affected", "versionType": "git" }, { "version": "ed0de45a1008", "lessThan": "2712545e535d", "status": "affected", "versionType": "git" }, { "version": "ed0de45a1008", "lessThan": "cda20fcddf53", "status": "affected", "versionType": "git" }, { "version": "ed0de45a1008", "lessThan": "0113d9c9d1cc", "status": "affected", "versionType": "git" } ] }, { "product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "versions": [ { "version": "4.14.327", "lessThanOrEqual": "4.14.*", "status": "unaffected", "versionType": "custom" }, { "version": "4.19.296", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "custom" }, { "version": "5.4.258", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "custom" }, { "version": "5.10.198", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "custom" }, { "version": "5.15.134", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "custom" }, { "version": "6.1.56", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "custom" }, { "version": "6.5.6", "lessThanOrEqual": "6.5.*", "status": "unaffected", "versionType": "custom" }, { "version": "6.6", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix" } ] } ], "references": [ { "url": "https://git.kernel.org/stable/c/084c7ac9e8d60bf21a423490021b7c3427312955" }, { "url": "https://git.kernel.org/stable/c/a2cf7bd75b3992e8df68dd5fdc6499b67d45f6e0" }, { "url": "https://git.kernel.org/stable/c/810fd23d9715474aa27997584e8fc9396ef3cb67" }, { "url": "https://git.kernel.org/stable/c/8689c9ace976d6c078e6dc844b09598796e84099" }, { "url": "https://git.kernel.org/stable/c/8860d354f653628b6330e1c5b06b2828948135a4" }, { "url": "https://git.kernel.org/stable/c/2712545e535d7a2e4c53b9c9658a9c88c6055862" }, { "url": "https://git.kernel.org/stable/c/cda20fcddf53f0f959641c8ef4d50ab87ffa5124" }, { "url": "https://git.kernel.org/stable/c/0113d9c9d1ccc07f5a3710dac4aa24b6d711278c" } ], "title": "ipv4: fix null-deref in ipv4_link_failure", "x_generator": { "engine": "bippy-4986f5686161" } } }, "cveMetadata": { "assignerOrgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038", "cveID": "CVE-2023-52579", "requesterUserId": "gregkh@kernel.org", "serial": "1", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.0" }