CVE-2024-27025

nbd: null check for nla_nest_start

References

Notes

 carnil> Introduced in 47d902b90a32 ("nbd: add a status netlink command"). Vulnerable
 carnil> versions: 4.12-rc1.

Bugs

Status

Branch Status
4.19-buster-security needed
4.19-upstream-stable needed
5.10-bullseye-security released (5.10.216-1)
5.10-upstream-stable released (5.10.214) [4af837db0fd3679fabc7b7758397090b0c06dced]
6.1-bookworm-security released (6.1.85-1)
6.1-upstream-stable released (6.1.83) [96436365e5d80d0106ea785a4f80a58e7c9edff8]
6.6-upstream-stable released (6.6.23) [b7f5aed55829f376e4f7e5ea5b80ccdcb023e983]
6.8-upstream-stable released (6.8.2) [ba6a9970ce9e284cbc04099361c58731e308596a]
sid released (6.7.12-1)
upstream released (6.9-rc1) [31edf4bbe0ba27fd03ac7d87eb2ee3d2a231af6d]