Bug 2324856 (CVE-2024-50260) - CVE-2024-50260 kernel: sock_map: fix a NULL pointer dereference in sock_map_link_update_prog()
Summary: CVE-2024-50260 kernel: sock_map: fix a NULL pointer dereference in sock_map_l...
Keywords:
Status: NEW
Alias: CVE-2024-50260
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Product Security DevOps Team
QA Contact:
URL:
Whiteboard:
Depends On: 2325076
Blocks:
TreeView+ depends on / blocked
 
Reported: 2024-11-09 11:01 UTC by OSIDB Bzimport
Modified: 2024-11-21 15:36 UTC (History)
4 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)

Description OSIDB Bzimport 2024-11-09 11:01:31 UTC 
In the Linux kernel, the following vulnerability has been resolved:

sock_map: fix a NULL pointer dereference in sock_map_link_update_prog()

The following race condition could trigger a NULL pointer dereference:

sock_map_link_detach():		sock_map_link_update_prog():
   mutex_lock(&sockmap_mutex);
   ...
   sockmap_link->map = NULL;
   mutex_unlock(&sockmap_mutex);
   				   mutex_lock(&sockmap_mutex);
				   ...
				   sock_map_prog_link_lookup(sockmap_link->map);
				   mutex_unlock(&sockmap_mutex);
   <continue>

Fix it by adding a NULL pointer check. In this specific case, it makes
no sense to update a link which is being released.
Comment 1 Avinash Hanwate 2024-11-11 04:14:03 UTC 
Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2024110940-CVE-2024-50260-db68@gregkh/T
Note You need to log in before you can comment on or make changes to this bug.