ghsa-4g32-c2j9-mx24
Vulnerability from github
Published
2024-08-21 03:31
Modified
2024-08-21 03:31
Details

In the Linux kernel, the following vulnerability has been resolved:

PCI: endpoint: Clean up error handling in vpci_scan_bus()

Smatch complains about inconsistent NULL checking in vpci_scan_bus():

drivers/pci/endpoint/functions/pci-epf-vntb.c:1024 vpci_scan_bus() error: we previously assumed 'vpci_bus' could be null (see line 1021)

Instead of printing an error message and then crashing we should return an error code and clean up.

Also the NULL check is reversed so it prints an error for success instead of failure.

Show details on source website

To clipboard 

{
  "affected": [],
  "aliases": [
    "CVE-2024-43875"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-08-21T01:15:11Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: endpoint: Clean up error handling in vpci_scan_bus()\n\nSmatch complains about inconsistent NULL checking in vpci_scan_bus():\n\n    drivers/pci/endpoint/functions/pci-epf-vntb.c:1024 vpci_scan_bus() error: we previously assumed \u0027vpci_bus\u0027 could be null (see line 1021)\n\nInstead of printing an error message and then crashing we should return\nan error code and clean up.\n\nAlso the NULL check is reversed so it prints an error for success\ninstead of failure.",
  "id": "GHSA-4g32-c2j9-mx24",
  "modified": "2024-08-21T03:31:53Z",
  "published": "2024-08-21T03:31:53Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43875"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/0e27e2e8697b8ce96cdef43f135426525d9d1f8f"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/24414c842a24d0fd498f9db6d2a762a8dddf1832"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/7d368de78b60088ec9031c60c88976c0063ea4c0"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/8e0f5a96c534f781e8c57ca30459448b3bfe5429"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b9e8695246bcfc028341470cbf92630cdc1ba36b"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.