Cmnt: [SRU][F/J][PATCH 0/1] CVE-2024-26595
Yuxuan Luo
yuxuan.luo at canonical.com
Mon Nov 18 20:19:34 UTC 2024
On Thu, Nov 14, 2024 at 01:53:35PM +0800, Jian Hui Lee wrote:
> [Impact]
>
> mlxsw: spectrum_acl_tcam: Fix NULL Pointer dereference in error path
>
> When calling mlxsw_sp_acl_tcam_region_destroy() from an error path after
> failing to attach the region to an ACL group, we hit a NULL pointer
> dereference.
>
> Fix by retrieving the 'tcam' pointer using mlxsw_sp_acl_to_tcam().
>
> [Fix]
>
> noble: not affected
> jammy: backported from linux-stable
> focal: backported from linux-stable
> bionic: backported from linux-stable. sent to esm
> xenial: not affected
>
> [Test Case]
>
> Compile and boot tested.
>
> [Where problems could occur]
>
> The fix affects mellanox ethernet switch driver. An issue with this fix
> may lead to kernel crashes or system instability after destroying tcam
> region.
>
> Ido Schimmel (1):
> mlxsw: spectrum_acl_tcam: Fix NULL pointer dereference in error path
>
> drivers/net/ethernet/mellanox/mlxsw/spectrum.h | 1 +
> drivers/net/ethernet/mellanox/mlxsw/spectrum_acl.c | 5 +++++
> drivers/net/ethernet/mellanox/mlxsw/spectrum_acl_tcam.c | 4 ++--
> 3 files changed, 8 insertions(+), 2 deletions(-)
>
As mentioned above, the "linux-stable" tag should be omitted since it's
a commit from the mainline. Besides, I am incline to expand the
mlxsw_sp_acl_to_tcam() function to explicitly show that we are not
backporting 74cbc3c03c82 ("mlxsw: spectrum_acl_tcam: Move devlink param
to TCAM code") in this case.
> --
> 2.43.0
>
>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
More information about the kernel-team
mailing list