CVE-2024-49987

Severity CVSS v4.0:
Pending analysis
Type:
CWE-476 NULL Pointer Dereference
Publication date:
21/10/2024
Last modified:
28/10/2024

Description

In the Linux kernel, the following vulnerability has been resolved:

bpftool: Fix undefined behavior in qsort(NULL, 0, ...)

When netfilter has no entry to display, qsort is called with qsort(NULL, 0, ...). This results in undefined behavior, as UBSan reports:

net.c:827:2: runtime error: null pointer passed as argument 1, which is declared to never be null

Although the C standard does not explicitly state whether calling qsort with a NULL pointer when the size is 0 constitutes undefined behavior, Section 7.1.4 of the C standard (Use of library functions) mentions:

"Each of the following statements applies unless explicitly stated otherwise in the detailed descriptions that follow: If an argument to a function has an invalid value (such as a value outside the domain of the function, or a pointer outside the address space of the program, or a null pointer, or a pointer to non-modifiable storage when the corresponding parameter is not const-qualified) or a type (after promotion) not expected by a function with variable number of arguments, the behavior is undefined."

To avoid this, add an early return when nf_link_info is NULL to prevent calling qsort with a NULL pointer.
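The guard pattern described above, as an added example that is not the kernel patch or bpftool's own code: a sort wrapper that returns early so a NULL base pointer never reaches qsort(). The struct `link_entry`, its fields, and the function names are hypothetical, and the sample data is constructed.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical stand-in for the per-link records a tool collects. */
struct link_entry {
    int pf;        /* protocol family */
    int hooknum;
    int priority;
};

/* Order by pf, then hooknum, then priority (overflow-free comparisons). */
static int cmp_link_entry(const void *a, const void *b)
{
    const struct link_entry *x = a, *y = b;

    if (x->pf != y->pf)
        return (x->pf > y->pf) - (x->pf < y->pf);
    if (x->hooknum != y->hooknum)
        return (x->hooknum > y->hooknum) - (x->hooknum < y->hooknum);
    return (x->priority > y->priority) - (x->priority < y->priority);
}

/*
 * Sort entries in place and return how many were sorted.
 * The early return covers the "nothing to display" case, so qsort()
 * is never called with a NULL pointer, even when count is 0.
 */
size_t sort_link_entries(struct link_entry *entries, size_t count)
{
    if (!entries || count == 0)
        return 0;
    qsort(entries, count, sizeof(*entries), cmp_link_entry);
    return count;
}

/* Constructed sample: returns the priority of the first entry after sorting. */
int demo_first_priority(void)
{
    struct link_entry sample[] = { { 2, 1, 10 }, { 2, 0, 5 }, { 1, 3, 7 } };

    sort_link_entries(sample, sizeof(sample) / sizeof(sample[0]));
    return sample[0].priority;
}

int main(void)
{
    printf("empty list sorted: %zu\n", sort_link_entries(NULL, 0));
    printf("first priority:    %d\n", demo_first_priority());
    return 0;
}
```

Building with `-fsanitize=undefined` and removing the early return makes the empty-list call produce a UBSan report of the same kind as the one quoted in the description.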

Vulnerable products and versions

| CPE | From | Up to |
| --- | --- | --- |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | | 6.6.55 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.7 (including) | 6.10.14 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.11 (including) | 6.11.3 (excluding) |