CVE-2022-50452

*** Pendiente de traducción *** In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> net: sched: cake: fix null pointer access issue when cake_init() fails<br /> <br /> When the default qdisc is cake, if the qdisc of dev_queue fails to be<br /> inited during mqprio_init(), cake_reset() is invoked to clear<br /> resources. In this case, the tins is NULL, and it will cause gpf issue.<br /> <br /> The process is as follows:<br /> qdisc_create_dflt()<br /> cake_init()<br /> q-&gt;tins = kvcalloc(...) ---&gt;failed, q-&gt;tins is NULL<br /> ...<br /> qdisc_put()<br /> ...<br /> cake_reset()<br /> ...<br /> cake_dequeue_one()<br /> b = &amp;q-&gt;tins[...] ---&gt;q-&gt;tins is NULL<br /> <br /> The following is the Call Trace information:<br /> general protection fault, probably for non-canonical address<br /> 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN<br /> KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]<br /> RIP: 0010:cake_dequeue_one+0xc9/0x3c0<br /> Call Trace:<br /> <br /> cake_reset+0xb1/0x140<br /> qdisc_reset+0xed/0x6f0<br /> qdisc_destroy+0x82/0x4c0<br /> qdisc_put+0x9e/0xb0<br /> qdisc_create_dflt+0x2c3/0x4a0<br /> mqprio_init+0xa71/0x1760<br /> qdisc_create+0x3eb/0x1000<br /> tc_modify_qdisc+0x408/0x1720<br /> rtnetlink_rcv_msg+0x38e/0xac0<br /> netlink_rcv_skb+0x12d/0x3a0<br /> netlink_unicast+0x4a2/0x740<br /> netlink_sendmsg+0x826/0xcc0<br /> sock_sendmsg+0xc5/0x100<br /> ____sys_sendmsg+0x583/0x690<br /> ___sys_sendmsg+0xe8/0x160<br /> __sys_sendmsg+0xbf/0x160<br /> do_syscall_64+0x35/0x80<br /> entry_SYSCALL_64_after_hwframe+0x46/0xb0<br /> RIP: 0033:0x7f89e5122d04<br />