5.5

CVE-2023-53681

bcache: Fix __bch_btree_node_alloc to make the failure behavior consistent

In the Linux kernel, the following vulnerability has been resolved:

bcache: Fix __bch_btree_node_alloc to make the failure behavior consistent

In some specific situations, the return value of __bch_btree_node_alloc
may be NULL. This may lead to a potential NULL pointer dereference in
caller function like a calling chain :
btree_split->bch_btree_node_alloc->__bch_btree_node_alloc.

Fix it by initializing the return value in __bch_btree_node_alloc.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 3.10 < 4.19.291
LinuxLinux Kernel Version >= 4.20 < 5.4.253
LinuxLinux Kernel Version >= 5.5 < 5.10.188
LinuxLinux Kernel Version >= 5.11 < 5.15.121
LinuxLinux Kernel Version >= 5.16 < 6.1.39
LinuxLinux Kernel Version >= 6.2 < 6.4.4
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.14% 0.033
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/587b4e8bb5dac682f09280ab35db4632b29d5ac4
Patch
https://git.kernel.org/stable/c/b070f29a61436f6f8a2e3abc7ea4f4be81695198
Patch
https://git.kernel.org/stable/c/a4405f6ee03323410d7b10966fd67b35f71b1944
Patch
https://git.kernel.org/stable/c/f67b0e3081f2a24170280a33ac66f6b112083c03
Patch
https://git.kernel.org/stable/c/7ecea5ce3dc17339c280c75b58ac93d8c8620d9f
Patch
https://git.kernel.org/stable/c/4514847aee18d9391a0cf3aad75d3567c72795a4
Patch
https://git.kernel.org/stable/c/80fca8a10b604afad6c14213fdfd816c4eda3ee4
Patch