CVE-2021-46916

ixgbe: Fix NULL pointer dereference in ethtool loopback test

Severity Score

5.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved:

ixgbe: Fix NULL pointer dereference in ethtool loopback test

The ixgbe driver currently generates a NULL pointer dereference when
performing the ethtool loopback test. This is due to the fact that there
isn't a q_vector associated with the test ring when it is setup as
interrupts are not normally added to the test rings.

To address this I have added code that will check for a q_vector before
returning a napi_id value. If a q_vector is not present it will return a
value of 0.

En el kernel de Linux, se resolvió la siguiente vulnerabilidad: ixgbe: corrige la desreferencia de puntero NULL en la prueba de bucle invertido de ethtool. El controlador ixgbe actualmente genera una desreferencia de puntero NULL cuando se realiza la prueba de bucle invertido de ethtool. Esto se debe al hecho de que no hay un q_vector asociado con el anillo de prueba cuando se configura, ya que normalmente no se agregan interrupciones a los anillos de prueba. Para solucionar esto, agregué un código que verificará si hay un q_vector antes de devolver un valor de napi_id. Si un q_vector no está presente, devolverá un valor de 0.

*Credits: N/A

CVSS Scores

NISTv3.1 5.5

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-02-25 CVE Reserved
2024-02-27 CVE Published
2024-02-27 EPSS Updated
2024-09-11 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-476: NULL Pointer Dereference

CAPEC

References (3)

URL	Tag	Source
https://git.kernel.org/stable/c/b02e5a0ebb172c8276cea3151942aac681f7a4a6	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/758d19098df4b0bbca9f40d6ae6c82c9c18b9bba	2021-04-21
https://git.kernel.org/stable/c/31166efb1cee348eb6314e9c0095d84cbeb66b9d	2021-04-13

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.11 < 5.11.16 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.11 < 5.11.16"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.11 < 5.12 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.11 < 5.12"		en		Affected