Home
HIGH: 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HDefault status
unaffected
9ee11f0fff205b4b3df9750bff5e94f97c71b6a0 (git) before 4198aab6f000b4febb18ea820fea20634dd789c7
affected
9ee11f0fff205b4b3df9750bff5e94f97c71b6a0 (git) before 3719c234fa94c37c955b1ecd3742ef280ec135e6
affected
9ee11f0fff205b4b3df9750bff5e94f97c71b6a0 (git) before 4e65a8b8daa18d63255ec58964dd192c7fdd9f8b
affected
Default status
affected
5.15
affected
Any version before 5.15
unaffected
6.18.24 (semver)
unaffected
6.19.14 (semver)
unaffected
7.0 (original_commit_for_fix)
unaffected
Description
In the Linux kernel, the following vulnerability has been resolved: ipv6: ioam: fix potential NULL dereferences in __ioam6_fill_trace_data() We need to check __in6_dev_get() for possible NULL value, as suggested by Yiming Qian. Also add skb_dst_dev_rcu() instead of skb_dst_dev(), and two missing READ_ONCE(). Note that @dev can't be NULL.
Product status
9ee11f0fff205b4b3df9750bff5e94f97c71b6a0 (git) before 4198aab6f000b4febb18ea820fea20634dd789c7
9ee11f0fff205b4b3df9750bff5e94f97c71b6a0 (git) before 3719c234fa94c37c955b1ecd3742ef280ec135e6
9ee11f0fff205b4b3df9750bff5e94f97c71b6a0 (git) before 4e65a8b8daa18d63255ec58964dd192c7fdd9f8b
5.15
Any version before 5.15
6.18.24 (semver)
6.19.14 (semver)
7.0 (original_commit_for_fix)
References
git.kernel.org/...c/4198aab6f000b4febb18ea820fea20634dd789c7
git.kernel.org/...c/3719c234fa94c37c955b1ecd3742ef280ec135e6
git.kernel.org/...c/4e65a8b8daa18d63255ec58964dd192c7fdd9f8b