blob: 8c5cb086743d1380f8078e922cd749cccebcd793 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
|
Description: NVME driver: null pointer dereference in drivers/nvme/target/auth.c
References:
https://bugzilla.redhat.com/show_bug.cgi?id=2157927
https://lore.kernel.org/linux-nvme/20220823161255.GA21462@lst.de/T/#t
https://lore.kernel.org/linux-nvme/20220831045908.GC18042@lst.de/T/#u
https://www.openwall.com/lists/oss-security/2023/01/12/1
Notes:
carnil> Issue introduced in 6.0-rc1 with db1312dd9548 ("nvmet:
carnil> implement basic In-Band Authentication"). In Debian
carnil> NVME_TARGET_AUTH is not set.
Bugs:
upstream: released (6.0-rc4) [da0342a3aa0357795224e6283df86444e1117168]
5.10-upstream-stable: N/A "Vulnerable code not present"
4.19-upstream-stable: N/A "Vulnerable code not present"
sid: N/A "Vulnerable code not present"
5.10-bullseye-security: N/A "Vulnerable code not present"
4.19-buster-security: N/A "Vulnerable code not present"
|
