[lvc-project] [PATCH 5.4/5.10/5.15 0/1] Backport fix for CVE-2023-1075

Nikita Zhandarovich n.zhandarovich at fintech.ru
Thu Nov 28 21:35:08 MSK 2024


This patch addresses an issue of type confusion in tls_is_tx_ready(),
as a check for NULL of list_first_entry() return value is wrong.
This issue has been given a CVE entry CVE-2023-1075 [1] and is still
present in several stable branches.

As the flawed function tls_is_tx_ready() is named is_tx_ready() and
is situated in another file (specifically, include/net/tls.h) in older
kernel versions, fix the error there instead. This adapted backport
can be cleanly applied to 5.4, 5.10 and 5.15 branches.

[PATCH 5.4/5.10/5.15 1/1] net/tls: tls_is_tx_ready() checked list_entry
Use list_first_entry_or_null() instead of list_entry() to properly
check for empty lists.
Fixes [1].

[1] https://nvd.nist.gov/vuln/detail/cve-2023-1075
[2] https://github.com/torvalds/linux/commit/ffe2a22562444720b05bdfeb999c03e810d84cbb
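
The failure mode described in this cover letter, as an added userspace illustration (not code from the patch or the kernel tree). The list macros are re-created from include/linux/list.h; `demo_rec`, `demo_ctx`, `first_rec_flawed()`, `first_rec_fixed()` and `tx_ready_fixed()` are hypothetical names chosen for the demonstration.

```c
#include <stddef.h>
#include <stdio.h>
/* Userspace re-creation of the helpers from include/linux/list.h. */
struct list_head { struct list_head *next, *prev; };
#define container_of(ptr, type, member) \
	((type *)((char *)(ptr) - offsetof(type, member)))
#define list_first_entry(head, type, member) \
	container_of((head)->next, type, member)
#define list_first_entry_or_null(head, type, member) \
	((head)->next != (head) ? list_first_entry(head, type, member) : NULL)

/* Hypothetical stand-ins for the record and the context that owns the list. */
struct demo_rec { int tx_ready; struct list_head list; };
struct demo_ctx { int unrelated; struct list_head tx_list; };
static void list_init(struct list_head *h) { h->next = h->prev = h; }
static void list_add_tail(struct list_head *n, struct list_head *h)
{
	n->prev = h->prev; n->next = h;
	h->prev->next = n; h->prev = n;
}

/* Flawed: on an empty list head->next is the head, so this is never NULL. */
static struct demo_rec *first_rec_flawed(struct demo_ctx *ctx)
{
	return list_first_entry(&ctx->tx_list, struct demo_rec, list);
}

/* Fixed: an empty list yields NULL, so the caller's NULL check works. */
static struct demo_rec *first_rec_fixed(struct demo_ctx *ctx)
{
	return list_first_entry_or_null(&ctx->tx_list, struct demo_rec, list);
}

static int tx_ready_fixed(struct demo_ctx *ctx)
{
	struct demo_rec *rec = first_rec_fixed(ctx);
	return rec ? rec->tx_ready : 0;
}

int main(void)
{
	struct demo_ctx ctx = { .unrelated = 7 };
	struct demo_rec rec = { .tx_ready = 1 };
	list_init(&ctx.tx_list);
	printf("empty: flawed=%p ctx=%p fixed=%p\n", (void *)first_rec_flawed(&ctx),
	       (void *)&ctx, (void *)first_rec_fixed(&ctx));
	list_add_tail(&rec.list, &ctx.tx_list);
	printf("one record: tx_ready=%d\n", tx_ready_fixed(&ctx));
}
```

On the empty list the flawed lookup returns the address of the owning context typed as a record, which is the type confusion: a later read of `tx_ready` through that pointer would read the context's own fields.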


