CVE-2024-26723
Severity CVSS v4.0:
Pending analysis
Type:
CWE-400
Uncontrolled Resource Consumption ('Resource Exhaustion')
Publication date:
03/04/2024
Last modified:
04/04/2025
Description
In the Linux kernel, the following vulnerability has been resolved:

lan966x: Fix crash when adding interface under a lag

There is a crash when adding one of the lan966x interfaces under a lag interface. The issue can be reproduced like this:

    ip link add name bond0 type bond miimon 100 mode balance-xor
    ip link set dev eth0 master bond0

The reason is because when adding an interface under the lag it would go through all the ports and try to figure out which other ports are under that lag interface. And the issue is that lan966x can have ports that are NULL pointer as they are not probed. So then iterating over these ports it would just crash as they are NULL pointers.

The fix consists in actually checking for NULL pointers before accessing something from the ports. Like we do in other places.
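
The following is an added userspace model of the pattern described above, not the kernel driver's code: a port table with unprobed (NULL) slots, the unchecked walk beside the NULL-checked one. The names `struct sw`, `struct port`, `lag_mask_unchecked`, `lag_mask_checked` and the port count of 8 are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define NUM_PORTS 8                        /* assumed port count for this model */

struct port { const void *bond; };         /* hypothetical: LAG the port is under, or NULL */
struct sw { struct port *ports[NUM_PORTS]; }; /* hypothetical: NULL slot = port never probed */

/* Pre-fix pattern: dereferences every slot, so an unprobed slot faults. */
uint32_t lag_mask_unchecked(const struct sw *s, const void *bond)
{
    uint32_t mask = 0;
    for (int p = 0; p < NUM_PORTS; p++)
        if (s->ports[p]->bond == bond)     /* NULL dereference when slot is empty */
            mask |= 1u << p;
    return mask;
}

/* Fixed pattern: skip slots that were never probed before touching them. */
uint32_t lag_mask_checked(const struct sw *s, const void *bond)
{
    uint32_t mask = 0;
    for (int p = 0; p < NUM_PORTS; p++) {
        const struct port *port = s->ports[p];
        if (!port)
            continue;
        if (port->bond == bond)
            mask |= 1u << p;
    }
    return mask;
}

/* Constructed sample: only ports 0, 1 and 4 probed; 0 and 4 are under bond0. */
uint32_t demo_sparse(void)
{
    static int bond0, bond1;               /* addresses stand in for LAG devices */
    static struct port p0, p1, p4;
    struct sw s = { { NULL } };
    p0.bond = &bond0; p1.bond = &bond1; p4.bond = &bond0;
    s.ports[0] = &p0; s.ports[1] = &p1; s.ports[4] = &p4;
    return lag_mask_checked(&s, &bond0);   /* the unchecked walk would fault at slot 2 */
}

/* With every slot populated both walks agree, so a fully probed table hides the bug. */
int demo_dense_agree(void)
{
    static int bond0;
    static struct port all[NUM_PORTS];
    struct sw s;
    for (int p = 0; p < NUM_PORTS; p++) {
        all[p].bond = (p % 2 == 0) ? &bond0 : NULL;
        s.ports[p] = &all[p];
    }
    return lag_mask_unchecked(&s, &bond0) == lag_mask_checked(&s, &bond0);
}

int main(void) { printf("0x%x %d\n", demo_sparse(), demo_dense_agree()); return 0; }
```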
Impact
Base Score 3.x
7.80
Severity 3.x
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.1 (including) | 6.1.79 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.2 (including) | 6.6.18 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.7 (including) | 6.7.6 (excluding) |
| cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:* | | |
| cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:* | | |
| cpe:2.3:o:linux:linux_kernel:6.8:rc3:*:*:*:*:*:* | | |
| cpe:2.3:o:linux:linux_kernel:6.8:rc4:*:*:*:*:*:* | | |
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/15faa1f67ab405d47789d4702f587ec7df7ef03e
- https://git.kernel.org/stable/c/2a492f01228b7d091dfe38974ef40dccf8f9f2f1
- https://git.kernel.org/stable/c/48fae67d837488c87379f0c9f27df7391718477c
- https://git.kernel.org/stable/c/b9357489c46c7a43999964628db8b47d3a1f8672



