2153066 – (CVE-2022-3106) CVE-2022-3106 Kernel: kmalloc's return value not checked, leading to null pointer dereference

Bug 2153066 (CVE-2022-3106) - CVE-2022-3106 Kernel: kmalloc's return value not checked, leading to null pointer dereference

Summary: CVE-2022-3106 Kernel: kmalloc's return value not checked, leading to null poi...

Keywords:
Status:	NEW
Alias:	CVE-2022-3106
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	2153051
TreeView+	depends on / blocked

Reported:	2022-12-13 22:07 UTC by Sage McTaggart
Modified:	2023-04-01 08:44 UTC (History)
CC List:	21 users (show)
Fixed In Version:	Linux 5.17-rc6
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:

Attachments	(Terms of Use)

Description Sage McTaggart 2022-12-13 22:07:18 UTC

[Suggested description]
An issue was discovered in the Linux kernel through 5.16-rc6.
ef100_update_stats in drivers/net/ethernet/sfc/ef100_nic.c lacks check
of the return value of kmalloc().

------------------------------------------

[VulnerabilityType Other]
NULL Pointer Dereference

------------------------------------------

[Vendor of Product]
the development group

------------------------------------------

[Affected Product Code Base]
Linux kernel - 5.16-rc6

------------------------------------------

[Reference]
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2&id=407ecd1bd726f240123f704620d46e285ff30dd9

------------------------------------------

[Discoverer]
Jiasheng Jiang

Note You need to log in before you can comment on or make changes to this bug.

acaringi
bhu
ddepaula
dvlasenk
hkrzesin
jarod
jfaracco
jferlan
jforbes
joe.lawrence
jshortt
jstancek
kcarcia
kernel-mgr
lzampier
mcascell
nmurray
ptalbert
rvrbovsk
scweaver
walters