CVE-2024-42151 Information

Description

In the Linux kernel the following vulnerability has been resolved:

bpf: mark bpf_dummy_struct_ops.test_1 parameter as nullable

Test case dummy_st_ops/dummy_init_ret_value passes NULL as the first parameter of the test_1() function. Mark this parameter as nullable to make the verifier aware of this possibility. Otherwise, the NULL check in the test_1() code:

  SEC("struct_ops/test_1")
  int BPF_PROG(test_1, struct bpf_dummy_ops_state *state)
  {
        if (!state)
                return ...;

        ... access state ...
  }

might be removed by the verifier, thus triggering a NULL pointer dereference under certain conditions.
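The effect described above, shown as an added user-space model (not kernel or verifier code, and not part of the original advisory): when the argument metadata says the pointer can never be NULL, the `if (!state)` branch is treated as dead and a NULL caller reaches the access. All type and function names below are hypothetical.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Toy user-space model, not kernel code; all names are hypothetical. */
enum branch { BRANCH_DEAD, BRANCH_UNKNOWN };
enum outcome { RET_EARLY, RET_ACCESSED, RET_NULL_DEREF };

struct arg_info {
    bool maybe_null; /* what marking the parameter nullable conveys */
};

struct dummy_state { int val; };

/* Verifier-side view of "if (!state)": a pointer believed to be
 * non-NULL makes the check's body unreachable, so it can be dropped. */
static enum branch null_check_branch(struct arg_info a)
{
    return a.maybe_null ? BRANCH_UNKNOWN : BRANCH_DEAD;
}

/* test_1() as it behaves after verification with the given metadata. */
static enum outcome run_test_1(struct arg_info a, const struct dummy_state *state)
{
    bool check_kept = null_check_branch(a) == BRANCH_UNKNOWN;

    if (check_kept && !state)
        return RET_EARLY;        /* the "return ...;" path */
    if (!state)
        return RET_NULL_DEREF;   /* a real program would fault here */
    (void)state->val;            /* "... access state ..." */
    return RET_ACCESSED;
}

int main(void)
{
    struct arg_info unmarked = { .maybe_null = false };
    struct arg_info nullable = { .maybe_null = true };
    struct dummy_state s = { .val = 1 };

    printf("unmarked + NULL : %d\n", run_test_1(unmarked, NULL));
    printf("nullable + NULL : %d\n", run_test_1(nullable, NULL));
    printf("nullable + valid: %d\n", run_test_1(nullable, &s));
    return 0;
}
```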

Reference

https://git.kernel.org/stable/c/7f79097b0de97a486b137b750d7dd7b20b519d23
https://git.kernel.org/stable/c/1479eaff1f16983d8fda7c5a08a586c21891087d
