Bug 2301542 (CVE-2024-42224) - CVE-2024-42224 kernel: net: dsa: mv88e6xxx: Correct check for empty list
Summary: CVE-2024-42224 kernel: net: dsa: mv88e6xxx: Correct check for empty list
Keywords:
Status: NEW
Alias: CVE-2024-42224
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Product Security DevOps Team
QA Contact:
URL:
Whiteboard:
Depends On: 2302251
Blocks:
TreeView+ depends on / blocked
 
Reported: 2024-07-30 09:09 UTC by OSIDB Bzimport
Modified: 2024-09-24 13:45 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
A vulnerability was found in the Linux kernel's mv88e6xxx driver in the mv88e6xxx_default_mdio_bus() function, where an improper check for an empty linked list could lead to dereferencing a potentially invalid pointer. This issue could lead to memory corruption or crashes.
Clone Of:
Environment:
Last Closed:
Embargoed:


Attachments (Terms of Use)

Description OSIDB Bzimport 2024-07-30 09:09:22 UTC
In the Linux kernel, the following vulnerability has been resolved:

net: dsa: mv88e6xxx: Correct check for empty list

Since commit a3c53be55c95 ("net: dsa: mv88e6xxx: Support multiple MDIO
busses") mv88e6xxx_default_mdio_bus() has checked that the
return value of list_first_entry() is non-NULL.

This appears to be intended to guard against the list chip->mdios being
empty.  However, it is not the correct check as the implementation of
list_first_entry is not designed to return NULL for empty lists.

Instead, use list_first_entry_or_null() which does return NULL if the
list is empty.

Flagged by Smatch.
Compile tested only.


Note You need to log in before you can comment on or make changes to this bug.