Description
In the Linux kernel, the following vulnerability has been resolved: net/sctp: fix a null dereference in sctp_disposition sctp_sf_do_5_1D_ce() If new_asoc->peer.adaptation_ind=0 and sctp_ulpevent_make_authkey=0 and sctp_ulpevent_make_authkey() returns 0, then the variable ai_ev remains zero and the zero will be dereferenced in the sctp_ulpevent_free() function.
Product status
30f6ebf65bc46161c5aaff1db2e6e7c76aa4a06b (git) before 1014b83778c8677f1d7a57c26dc728baa801ac62
30f6ebf65bc46161c5aaff1db2e6e7c76aa4a06b (git) before 7f702f85df0266ed7b5bab81ba50394c92f3c928
30f6ebf65bc46161c5aaff1db2e6e7c76aa4a06b (git) before dbceedc0213e75bf3e9f9f9e2f66b10699d004fe
30f6ebf65bc46161c5aaff1db2e6e7c76aa4a06b (git) before 025419f4e216a3ae0d0cec622262e98e8078c447
30f6ebf65bc46161c5aaff1db2e6e7c76aa4a06b (git) before c21f45cfa4a9526b34d76b397c9ef080668b6e73
30f6ebf65bc46161c5aaff1db2e6e7c76aa4a06b (git) before d0e8f1445c19b1786759ba72a38267e1449bab7e
30f6ebf65bc46161c5aaff1db2e6e7c76aa4a06b (git) before badbd79313e6591616c1b78e29a9b71efed7f035
30f6ebf65bc46161c5aaff1db2e6e7c76aa4a06b (git) before 2f3119686ef50319490ccaec81a575973da98815
4.17
Any version before 4.17
5.4.301 (semver)
5.10.246 (semver)
5.15.195 (semver)
6.1.157 (semver)
6.6.113 (semver)
6.12.54 (semver)
6.17.4 (semver)
6.18 (original_commit_for_fix)
References
git.kernel.org/...c/1014b83778c8677f1d7a57c26dc728baa801ac62
git.kernel.org/...c/7f702f85df0266ed7b5bab81ba50394c92f3c928
git.kernel.org/...c/dbceedc0213e75bf3e9f9f9e2f66b10699d004fe
git.kernel.org/...c/025419f4e216a3ae0d0cec622262e98e8078c447
git.kernel.org/...c/c21f45cfa4a9526b34d76b397c9ef080668b6e73
git.kernel.org/...c/d0e8f1445c19b1786759ba72a38267e1449bab7e
git.kernel.org/...c/badbd79313e6591616c1b78e29a9b71efed7f035
git.kernel.org/...c/2f3119686ef50319490ccaec81a575973da98815
