References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

Change History

In the Linux kernel, the following vulnerability has been resolved:

net/smc: avoid early lgr access in smc_clc_wait_msg

A CLC decline can be received while the handshake is still in an early
stage, before the connection has been associated with a link group.

The decline handling in smc_clc_wait_msg() updates link-group level sync
state for first-contact declines, but that state only exists after link
group setup has completed. Guard the link-group update accordingly and
keep the per-socket peer diagnosis handling unchanged.

This preserves the existing sync_err handling for established link-group
contexts and avoids touching link-group state before it is available.

https://git.kernel.org/stable/c/5a8db80f721deee8e916c2cfdee78decda02ce4f

https://git.kernel.org/stable/c/6180a296ca65b08a81914805cbc0f78da5f10a1f

https://git.kernel.org/stable/c/83bcf9228b0501694fb2589ed1d142855a2887f2

https://git.kernel.org/stable/c/ea0b5d0fe96356dce38f98375a57c52a04e13712

https://git.kernel.org/stable/c/f0858e1d5624bb120b198f2a8528f97a9b0ae069