retired/CVE-2023-2166


1
2
3
4
5
6
7
8
9
10
11
12
13
14

Description: can: af_can: fix NULL pointer dereference in can_rcv_filter
References:
 https://bugzilla.redhat.com/show_bug.cgi?id=2187813
 https://lore.kernel.org/lkml/CAO4mrfcV_07hbj8NUuZrA8FH-kaRsrFy-2metecpTuE5kKHn5w@mail.gmail.com/
Notes:
 carnil> Commit fixes 4e096a18867a ("net: introduce CAN specific pointer in the struct net_device") 
Bugs:
upstream: released (6.1) [0acc442309a0a1b01bcdaa135e56e6398a49439c]
6.1-upstream-stable: N/A "Fixed before branching point"
5.10-upstream-stable: released (5.10.159) [c42221efb1159d6a3c89e96685ee38acdce86b6f]
4.19-upstream-stable: N/A "Vulnerable code not present"
sid: released (6.1.4-1)
5.10-bullseye-security: released (5.10.162-1)
4.19-buster-security: N/A "Vulnerable code not present"