In the Linux kernel, the following vulnerability has been resolved:
RDMA/cxgb4: Added NULL check for lookup_atid
The lookup_atid() function can return NULL if the ATID is
invalid or does not exist in the identifier table, which
could lead to dereferencing a null pointer without a
check in the act_establish()
and act_open_rpl()
functions.
Add a NULL check to prevent null pointer dereferencing.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
[ { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b9c94c8ba5a713817cffd74c4bacc05187469624", "signature_version": "v1", "target": { "file": "drivers/infiniband/hw/cxgb4/cm.c", "function": "act_open_rpl" }, "digest": { "length": 3211.0, "function_hash": "303859104633828982065790023847766442523" }, "deprecated": false, "signature_type": "Function", "id": "CVE-2024-47749-4b50f4dc" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b9c94c8ba5a713817cffd74c4bacc05187469624", "signature_version": "v1", "target": { "file": "drivers/infiniband/hw/cxgb4/cm.c", "function": "act_establish" }, "digest": { "length": 1280.0, "function_hash": "149769468717425091824570983647330725770" }, "deprecated": false, "signature_type": "Function", "id": "CVE-2024-47749-721ba6e6" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b9c94c8ba5a713817cffd74c4bacc05187469624", "signature_version": "v1", "target": { "file": "drivers/infiniband/hw/cxgb4/cm.c" }, "digest": { "line_hashes": [ "168136651112104313203631873792622686301", "286523305155950322251002095255533059036", "257447668617351811839513796150708755701", "109169922771926068238952132328771724486", "299994994154264999866638232550245772780", "266511270519072354308813772885561216363", "154293056001447403472885461933491118124", "148309628064145670062634298028817679841" ], "threshold": 0.9 }, "deprecated": false, "signature_type": "Line", "id": "CVE-2024-47749-ad8c5a56" } ]