5.5

CVE-2024-47749

RDMA/cxgb4: Added NULL check for lookup_atid

In the Linux kernel, the following vulnerability has been resolved:

RDMA/cxgb4: Added NULL check for lookup_atid

The lookup_atid() function can return NULL if the ATID is
invalid or does not exist in the identifier table, which
could lead to dereferencing a null pointer without a
check in the `act_establish()` and `act_open_rpl()` functions.
Add a NULL check to prevent null pointer dereferencing.

Found by Linux Verification Center (linuxtesting.org) with SVACE.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 2.6.35 < 5.10.227
LinuxLinux Kernel Version >= 5.11 < 5.15.168
LinuxLinux Kernel Version >= 5.16 < 6.1.113
LinuxLinux Kernel Version >= 6.2 < 6.6.54
LinuxLinux Kernel Version >= 6.7 < 6.10.13
LinuxLinux Kernel Version >= 6.11 < 6.11.2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.23% 0.137
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/0d50ae281a1712b9b2ca72830a96b8f11882358d
Patch
https://git.kernel.org/stable/c/39cb9f39913566ec5865581135f3e8123ad1aee1
Patch
https://git.kernel.org/stable/c/4e1fe68d695af367506ea3c794c5969630f21697
https://git.kernel.org/stable/c/54aaa3ed40972511e423b604324b881425b9ff1e
Patch
https://git.kernel.org/stable/c/b11318dc8a1ec565300bb1a9073095af817cc508
Patch
https://git.kernel.org/stable/c/b12e25d91c7f97958341538c7dc63ee49d01548f
https://git.kernel.org/stable/c/b9c94c8ba5a713817cffd74c4bacc05187469624
Patch
https://git.kernel.org/stable/c/dd598ac57dcae796cb58551074660c39b43fb155
Patch
https://git.kernel.org/stable/c/e766e6a92410ca269161de059fff0843b8ddd65f
Patch
https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html