CVE-2021-47556

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> ethtool: ioctl: fix potential NULL deref in ethtool_set_coalesce()<br /> <br /> ethtool_set_coalesce() now uses both the .get_coalesce() and<br /> .set_coalesce() callbacks. But the check for their availability is<br /> buggy, so changing the coalesce settings on a device where the driver<br /> provides only _one_ of the callbacks results in a NULL pointer<br /> dereference instead of an -EOPNOTSUPP.<br /> <br /> Fix the condition so that the availability of both callbacks is<br /> ensured. This also matches the netlink code.<br /> <br /> Note that reproducing this requires some effort - it only affects the<br /> legacy ioctl path, and needs a specific combination of driver options:<br /> - have .get_coalesce() and .coalesce_supported but no<br /> .set_coalesce(), or<br /> - have .set_coalesce() but no .get_coalesce(). Here eg. ethtool doesn&amp;#39;t<br /> cause the crash as it first attempts to call ethtool_get_coalesce()<br /> and bails out on error.