Description
In the Linux kernel, the following vulnerability has been resolved: ice: ice_adapter: release xa entry on adapter allocation failure When ice_adapter_new() fails, the reserved XArray entry created by xa_insert() is not released. This causes subsequent insertions at the same index to return -EBUSY, potentially leading to NULL pointer dereferences. Reorder the operations as suggested by Przemek Kitszel: 1. Check if adapter already exists (xa_load) 2. Reserve the XArray slot (xa_reserve) 3. Allocate the adapter (ice_adapter_new) 4. Store the adapter (xa_store)
Product status
0f0023c649c7bc50543fbe6e1801eb6357b8bd63 (git) before 7b9269de9815fc34d93dab90bd5169bacbe78e70
0f0023c649c7bc50543fbe6e1801eb6357b8bd63 (git) before 794abb265de3e792167fe3ea0440c064c722bb84
0f0023c649c7bc50543fbe6e1801eb6357b8bd63 (git) before 2db687f3469dbc5c59bc53d55acafd75d530b497
6.11
Any version before 6.11
6.12.54 (semver)
6.17.4 (semver)
6.18-rc1 (original_commit_for_fix)
References
git.kernel.org/...c/7b9269de9815fc34d93dab90bd5169bacbe78e70
git.kernel.org/...c/794abb265de3e792167fe3ea0440c064c722bb84
git.kernel.org/...c/2db687f3469dbc5c59bc53d55acafd75d530b497
