References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

Change History

https://git.kernel.org/stable/c/232afc74a6dde0fe1830988e5827921f5ec9bb3f

https://git.kernel.org/stable/c/484919832e2db6ce1e8add92c469e5d459a516b5

https://git.kernel.org/stable/c/8133e85b8a3ec9f10d861e0002ec6037256e987e

https://git.kernel.org/stable/c/15f6faf36e162532bec5cc05eb3fc622108bf2ed

In the Linux kernel, the following vulnerability has been resolved:

macvlan: fix possible UAF in macvlan_forward_source()

Add RCU protection on (struct macvlan_source_entry)->vlan.

Whenever macvlan_hash_del_source() is called, we must clear
entry->vlan pointer before RCU grace period starts.

This allows macvlan_forward_source() to skip over
entries queued for freeing.

Note that macvlan_dev are already RCU protected, as they
are embedded in a standard netdev (netdev_priv(ndev)).

https: //lore.kernel.org/netdev/[email protected]/T/#u

https://git.kernel.org/stable/c/6dbead9c7677186f22b7981dd085a0feec1f038e

https://git.kernel.org/stable/c/7470a7a63dc162f07c26dbf960e41ee1e248d80e

https://git.kernel.org/stable/c/8518712a2ca952d6da2238c6f0a16b4ae5ea3f13