CVE-2024-26595
Published: Feb 23, 2024
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix NULL pointer dereference in error path When calling mlxsw_sp_acl_tcam_region_destroy() from an error path after failing to attach the region to an ACL group, we hit a NULL pointer dereference upon 'region->group->tcam' [1]. Fix by retrieving the 'tcam' pointer using mlxsw_sp_acl_to_tcam(). [1] BUG: kernel NULL pointer dereference, address: 0000000000000000 [...] RIP: 0010:mlxsw_sp_acl_tcam_region_destroy+0xa0/0xd0 [...] Call Trace: mlxsw_sp_acl_tcam_vchunk_get+0x88b/0xa20 mlxsw_sp_acl_tcam_ventry_add+0x25/0xe0 mlxsw_sp_acl_rule_add+0x47/0x240 mlxsw_sp_flower_replace+0x1a9/0x1d0 tc_setup_cb_add+0xdc/0x1c0 fl_hw_replace_filter+0x146/0x1f0 fl_change+0xc17/0x1360 tc_new_tfilter+0x472/0xb90 rtnetlink_rcv_msg+0x313/0x3b0 netlink_rcv_skb+0x58/0x100 netlink_unicast+0x244/0x390 netlink_sendmsg+0x1e4/0x440 ____sys_sendmsg+0x164/0x260 ___sys_sendmsg+0x9a/0xe0 __sys_sendmsg+0x7a/0xc0 do_syscall_64+0x40/0xe0 entry_SYSCALL_64_after_hwframe+0x63/0x6b
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 22a677661f5624539d394f681276171f92d714df - < 75fa2d8b3c0175b519c99ace54ab8474cfd0077eaffected 22a677661f5624539d394f681276171f92d714df - < 817840d125a370626895df269c50c923b79b0a39affected 22a677661f5624539d394f681276171f92d714df - < d0a1efe417c97a1e9b914056ee6b86f1ef75fe1faffected 22a677661f5624539d394f681276171f92d714df - < efeb7dfea8ee10cdec11b6b6ba4e405edbe75809 |
Linux | Linux | affected 4.11unaffected 0 - < 4.11unaffected 6.1.120 - <= 6.1.*unaffected 6.6.14 - <= 6.6.*unaffected 6.7.2 - <= 6.7.*+1 more versions |
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now