1.3 KiB
CVE-2024-26723
Description
In the Linux kernel, the following vulnerability has been resolved:lan966x: Fix crash when adding interface under a lagThere is a crash when adding one of the lan966x interfaces under a laginterface. The issue can be reproduced like this:ip link add name bond0 type bond miimon 100 mode balance-xorip link set dev eth0 master bond0The reason is because when adding a interface under the lag it would gothrough all the ports and try to figure out which other ports are underthat lag interface. And the issue is that lan966x can have ports that areNULL pointer as they are not probed. So then iterating over these portsit would just crash as they are NULL pointers.The fix consists in actually checking for NULL pointers before accessingsomething from the ports. Like we do in other places.
POC
Reference
No PoCs from references.