CVE-2023-54240

Summary

In the Linux kernel, the following vulnerability has been resolved:

net: ethernet: mtk_eth_soc: fix possible NULL pointer dereference in mtk_hwlro_get_fdir_all()

rule_locs is allocated in ethtool_get_rxnfc and the size is determined by rule_cnt from user space. So rule_cnt needs to be check before using rule_locs to avoid NULL pointer dereference.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux7aab747e5563ecbc9f3cb64ddea13fe7b9fee2bd < 7776591e5ae2befff86579f68916a171971c6aabaffected
LinuxLinux7aab747e5563ecbc9f3cb64ddea13fe7b9fee2bd < 751b2e22a188b0c306029d094da29b6b8de31430affected
LinuxLinux7aab747e5563ecbc9f3cb64ddea13fe7b9fee2bd < 653fbddbdfc6673bba01b13dae5a4384ad8f92ecaffected
LinuxLinux7aab747e5563ecbc9f3cb64ddea13fe7b9fee2bd < 75f2de75c1182e80708c932418e4895dbc88b68faffected
LinuxLinux7aab747e5563ecbc9f3cb64ddea13fe7b9fee2bd < 072324cfab9b96071c0782f51f53cc5aea1e9d5baffected
LinuxLinux7aab747e5563ecbc9f3cb64ddea13fe7b9fee2bd < ff5faed5f5487b0fd2b640ba1304f82a5ebaab42affected
LinuxLinux7aab747e5563ecbc9f3cb64ddea13fe7b9fee2bd < fe0195fe48f85182bc7e7eabcad925bd3cbc10f5affected
LinuxLinux7aab747e5563ecbc9f3cb64ddea13fe7b9fee2bd < e4c79810755f66c9a933ca810da2724133b1165aaffected
LinuxLinux4.9affected
LinuxLinux0 < 4.9unaffected
LinuxLinux4.14.326 <= 4.14.*unaffected
LinuxLinux4.19.295 <= 4.19.*unaffected
LinuxLinux5.4.257 <= 5.4.*unaffected
LinuxLinux5.10.195 <= 5.10.*unaffected
LinuxLinux5.15.132 <= 5.15.*unaffected
LinuxLinux6.1.54 <= 6.1.*unaffected
LinuxLinux6.5.4 <= 6.5.*unaffected
LinuxLinux6.6 <= *unaffected

Weaknesses

References