fkie_cve-2024-43875
Vulnerability from fkie_nvd
Published
2024-08-21 01:15
Modified
2024-08-21 12:30
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Clean up error handling in vpci_scan_bus() Smatch complains about inconsistent NULL checking in vpci_scan_bus(): drivers/pci/endpoint/functions/pci-epf-vntb.c:1024 vpci_scan_bus() error: we previously assumed 'vpci_bus' could be null (see line 1021) Instead of printing an error message and then crashing we should return an error code and clean up. Also the NULL check is reversed so it prints an error for success instead of failure.
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/0e27e2e8697b8ce96cdef43f135426525d9d1f8f
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/24414c842a24d0fd498f9db6d2a762a8dddf1832
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/7d368de78b60088ec9031c60c88976c0063ea4c0
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/8e0f5a96c534f781e8c57ca30459448b3bfe5429
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/b9e8695246bcfc028341470cbf92630cdc1ba36b
Impacted products
Vendor Product Version


To clipboard 

{
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: endpoint: Clean up error handling in vpci_scan_bus()\n\nSmatch complains about inconsistent NULL checking in vpci_scan_bus():\n\n    drivers/pci/endpoint/functions/pci-epf-vntb.c:1024 vpci_scan_bus() error: we previously assumed 'vpci_bus' could be null (see line 1021)\n\nInstead of printing an error message and then crashing we should return\nan error code and clean up.\n\nAlso the NULL check is reversed so it prints an error for success\ninstead of failure.",
      },
      {
         lang: "es",
         value: "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: PCI: endpoint: limpieza del manejo de errores en vpci_scan_bus() Smatch se queja de una verificación NULL inconsistente en vpci_scan_bus(): drivers/pci/endpoint/functions/pci-epf-vntb.c :1024 Error de vpci_scan_bus(): anteriormente asumimos que 'vpci_bus' podría ser nulo (consulte la línea 1021). En lugar de imprimir un mensaje de error y luego fallar, deberíamos devolver un código de error y limpiar. Además, la verificación NULL se invierte, por lo que imprime un error de éxito en lugar de fracaso.",
      },
   ],
   id: "CVE-2024-43875",
   lastModified: "2024-08-21T12:30:33.697",
   metrics: {},
   published: "2024-08-21T01:15:11.910",
   references: [
      {
         source: "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
         url: "https://git.kernel.org/stable/c/0e27e2e8697b8ce96cdef43f135426525d9d1f8f",
      },
      {
         source: "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
         url: "https://git.kernel.org/stable/c/24414c842a24d0fd498f9db6d2a762a8dddf1832",
      },
      {
         source: "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
         url: "https://git.kernel.org/stable/c/7d368de78b60088ec9031c60c88976c0063ea4c0",
      },
      {
         source: "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
         url: "https://git.kernel.org/stable/c/8e0f5a96c534f781e8c57ca30459448b3bfe5429",
      },
      {
         source: "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
         url: "https://git.kernel.org/stable/c/b9e8695246bcfc028341470cbf92630cdc1ba36b",
      },
   ],
   sourceIdentifier: "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   vulnStatus: "Awaiting Analysis",
}


Log in or create an account to share your comment.

Security Advisory comment format.

This schema specifies the format of a comment related to a security advisory.

UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).



Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.