CVE-2024-50274

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> idpf: avoid vport access in idpf_get_link_ksettings<br /> <br /> When the device control plane is removed or the platform<br /> running device control plane is rebooted, a reset is detected<br /> on the driver. On driver reset, it releases the resources and<br /> waits for the reset to complete. If the reset fails, it takes<br /> the error path and releases the vport lock. At this time if the<br /> monitoring tools tries to access link settings, it call traces<br /> for accessing released vport pointer.<br /> <br /> To avoid it, move link_speed_mbps to netdev_priv structure<br /> which removes the dependency on vport pointer and the vport lock<br /> in idpf_get_link_ksettings. Also use netif_carrier_ok()<br /> to check the link status and adjust the offsetof to use link_up<br /> instead of link_speed_mbps.