CVE-2024-42151

{"id": "CVE-2024-42151", "cveTags": [], "metrics": {}, "published": "2024-07-30T08:15:06.690", "references": [{"url": "https://git.kernel.org/stable/c/1479eaff1f16983d8fda7c5a08a586c21891087d", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/7f79097b0de97a486b137b750d7dd7b20b519d23", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Awaiting Analysis", "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: mark bpf_dummy_struct_ops.test_1 parameter as nullable\n\nTest case dummy_st_ops/dummy_init_ret_value passes NULL as the first\nparameter of the test_1() function. Mark this parameter as nullable to\nmake verifier aware of such possibility.\nOtherwise, NULL check in the test_1() code:\n\n SEC(\"struct_ops/test_1\")\n int BPF_PROG(test_1, struct bpf_dummy_ops_state *state)\n {\n if (!state)\n return ...;\n\n ... access state ...\n }\n\nMight be removed by verifier, thus triggering NULL pointer dereference\nunder certain conditions."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: bpf: marcar el par\u00e1metro bpf_dummy_struct_ops.test_1 como anulable Caso de prueba dummy_st_ops/dummy_init_ret_value pasa NULL como primer par\u00e1metro de la funci\u00f3n test_1(). Marque este par\u00e1metro como anulable para que el verificador sea consciente de tal posibilidad. De lo contrario, NULL verifica el c\u00f3digo test_1(): SEC(\"struct_ops/test_1\") int BPF_PROG(test_1, struct bpf_dummy_ops_state *state) { if (!state) return...; ... estado de acceso ... } El verificador podr\u00eda eliminarlo, lo que provocar\u00eda la desreferencia del puntero NULL bajo ciertas condiciones."}], "lastModified": "2024-07-30T13:32:45.943", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}