5.5

CVE-2023-53058

net/mlx5: E-Switch, Fix an Oops in error handling code

In the Linux kernel, the following vulnerability has been resolved:

net/mlx5: E-Switch, Fix an Oops in error handling code

The error handling dereferences "vport".  There is nothing we can do if
it is an error pointer except returning the error code.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.8 < 5.10.177
LinuxLinux Kernel Version >= 5.11 < 5.15.105
LinuxLinux Kernel Version >= 5.16 < 6.1.22
LinuxLinux Kernel Version >= 6.2 < 6.2.9
LinuxLinux Kernel Version6.3 Updaterc1
LinuxLinux Kernel Version6.3 Updaterc2
LinuxLinux Kernel Version6.3 Updaterc3
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.18% 0.081
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/5eadc80328298ef7beaaf0cd96791667d3b485ca
Patch
https://git.kernel.org/stable/c/388188fb58bef9e7f3ca4f8970f03d493b66909f
Patch
https://git.kernel.org/stable/c/c4c977935b2fc60084b3735737d17a06e7ba1bd0
Patch
https://git.kernel.org/stable/c/1a9853a7437a22fd849347008fb3c85087906b56
Patch
https://git.kernel.org/stable/c/640fcdbcf27fc62de9223f958ceb4e897a00e791
Patch