macsec: fix NULL deref in macsec_add_rxsa
stable inclusion from stable-v5.10.135 commit 54c295a30f000fcb5525c9385144058987356697 category: bugfix bugzilla: https://gitee.com/openeuler/kernel/issues/I5ZWFM Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=54c295a30f000fcb5525c9385144058987356697 -------------------------------- [ Upstream commit f46040ee ] Commit 48ef50fa added a test on tb_sa[MACSEC_SA_ATTR_PN], but nothing guarantees that it's not NULL at this point. The same code was added to macsec_add_txsa, but there it's not a problem because validate_add_txsa checks that the MACSEC_SA_ATTR_PN attribute is present. Note: it's not possible to reproduce with iproute, because iproute doesn't allow creating an SA without specifying the PN. Fixes: 48ef50fa ("macsec: Netlink support of XPN cipher suites (IEEE 802.1AEbw)") Link: https://bugzilla.kernel.org/show_bug.cgi?id=208315 Reported-by:Frantisek Sumsal <fsumsal@redhat.com> Signed-off-by:
Loading
Please sign in to comment