In the Linux kernel, the following vulnerability has been resolved:
igb: Fix use-after-free error during reset
Cleans the next descriptor to watch (next_to_watch) when cleaning the
TX ring.
Failure to do so can cause invalid memory accesses. If igb_poll() runs
while the controller is reset this can lead to the driver try to free
a skb that was already freed.
(The crash is harder to reproduce with the igb driver, but the same
potential problem exists as the code is identical to igc)
Vendor | Product | Version | CPE |
---|---|---|---|
linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
[
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "unaffected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"drivers/net/ethernet/intel/igb/igb_main.c"
],
"versions": [
{
"version": "7cc6fd4c60f2",
"lessThan": "d7367f781e5a",
"status": "affected",
"versionType": "git"
},
{
"version": "7cc6fd4c60f2",
"lessThan": "d3ccb18ed5ac",
"status": "affected",
"versionType": "git"
},
{
"version": "7cc6fd4c60f2",
"lessThan": "88e0720133d4",
"status": "affected",
"versionType": "git"
},
{
"version": "7cc6fd4c60f2",
"lessThan": "f153664d8e70",
"status": "affected",
"versionType": "git"
},
{
"version": "7cc6fd4c60f2",
"lessThan": "8e24c12f2ff6",
"status": "affected",
"versionType": "git"
},
{
"version": "7cc6fd4c60f2",
"lessThan": "7b292608db23",
"status": "affected",
"versionType": "git"
}
]
},
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "affected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"drivers/net/ethernet/intel/igb/igb_main.c"
],
"versions": [
{
"version": "4.12",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.12",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.14.241",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.19.199",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.136",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.54",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.13.6",
"lessThanOrEqual": "5.13.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.14",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
]
}
]
git.kernel.org/stable/c/7b292608db23ccbbfbfa50cdb155d01725d7a52e
git.kernel.org/stable/c/88e0720133d42d34851c8721cf5f289a50a8710f
git.kernel.org/stable/c/8e24c12f2ff6d32fd9f057382f08e748ec97194c
git.kernel.org/stable/c/d3ccb18ed5ac3283c7b31ecc685b499e580d5492
git.kernel.org/stable/c/d7367f781e5a9ca5df9082b15b272b55e76931f8
git.kernel.org/stable/c/f153664d8e70c11d0371341613651e1130e20240