Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
vsock: prevent null-ptr-deref in vsock_*[has_data|has_space]
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: vsock: prevent null-ptr-deref in vsock_*[has_data|has_space] Recent reports have shown how we sometimes call vsock_*_has_data() when a vsock socket has been de-assigned from a transport (see attached links), but we shouldn't. Previous commits should have solved the real problems, but we may have more in the future, so to avoid null-ptr-deref, we can return 0 (no space, no data available) but with a warning. This way the code should continue to run in a nearly consistent state and have a warning that allows us to debug future problems.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Linux kernel 代码问题漏洞
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在代码问题漏洞,该漏洞源于vsock_*[has_data|has_space]函数在套接字未分配传输层时被调用,可能导致空指针引用。虽然之前的修复解决了部分问题,但未来仍可能遇到类似情况,因此需要在函数中添加额外检查以避免崩溃。
CVSS Information
N/A
Vulnerability Type
N/A