NULL Pointer Dereference Affecting kernel-zfcpdump-modules package, versions *
Threat Intelligence
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-RHEL8-KERNELZFCPDUMPMODULES-8284826
- published 23 Oct 2024
- disclosed 21 Oct 2024
Introduced: 21 Oct 2024
CVE-2024-47749 Open this link in a new tabHow to fix?
There is no fixed version for RHEL:8
kernel-zfcpdump-modules
.
NVD Description
Note: Versions mentioned in the description apply only to the upstream kernel-zfcpdump-modules
package and not the kernel-zfcpdump-modules
package as distributed by RHEL
.
See How to fix?
for RHEL:8
relevant fixed versions and status.
In the Linux kernel, the following vulnerability has been resolved:
RDMA/cxgb4: Added NULL check for lookup_atid
The lookup_atid() function can return NULL if the ATID is
invalid or does not exist in the identifier table, which
could lead to dereferencing a null pointer without a
check in the act_establish()
and act_open_rpl()
functions.
Add a NULL check to prevent null pointer dereferencing.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
References
- https://access.redhat.com/security/cve/CVE-2024-47749
- https://git.kernel.org/stable/c/0d50ae281a1712b9b2ca72830a96b8f11882358d
- https://git.kernel.org/stable/c/39cb9f39913566ec5865581135f3e8123ad1aee1
- https://git.kernel.org/stable/c/54aaa3ed40972511e423b604324b881425b9ff1e
- https://git.kernel.org/stable/c/b11318dc8a1ec565300bb1a9073095af817cc508
- https://git.kernel.org/stable/c/b9c94c8ba5a713817cffd74c4bacc05187469624
- https://git.kernel.org/stable/c/dd598ac57dcae796cb58551074660c39b43fb155
- https://git.kernel.org/stable/c/e766e6a92410ca269161de059fff0843b8ddd65f
- https://git.kernel.org/stable/c/4e1fe68d695af367506ea3c794c5969630f21697
- https://git.kernel.org/stable/c/b12e25d91c7f97958341538c7dc63ee49d01548f