Bug 1212532 (CVE-2023-3338) - VUL-0: CVE-2023-3338: kernel: null pointer dereference in DECnet
Summary: VUL-0: CVE-2023-3338: kernel: null pointer dereference in DECnet
Status: RESOLVED FIXED
Alias: CVE-2023-3338
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P3 - Medium : Normal
Target Milestone: ---
Assignee: Kernel Bugs
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/369945/
Whiteboard: CVSSv3.1:SUSE:CVE-2023-3338:7.5:(AV:N...
Keywords:
Depends on:
Blocks:
 
Reported: 2023-06-20 08:14 UTC by Thomas Leroy
Modified: 2023-10-12 08:09 UTC (History)
7 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Comment 3 Michal Kubeček 2023-06-21 04:55:41 UTC 
Starting with SLE12, CONFIG_DECNET is disabled and decnet code is not built
at all. Thus only cve/linux-3.0 is affected.
Comment 4 Michal Kubeček 2023-06-21 14:07:03 UTC 
> Linux kernels with DECnet support from Linux-4.12-rc7 (commit
> 76371d2e3ad1f84426a30ebcd8c3b9b98f4c724f) up to Linux-6.0.19.

AFAICS the issue was indeed introduced in 4.12-rc7 by mainline commit
76371d2e3ad1 ("decnet: always not take dst->__refcnt when inserting dst into
hash table") which we only have in SLE12-SP2-LTSS and SLE12-SP3-LTSS
(via 4.4.76 stable update) but not in any older branch.

Therefore none of our kernels is affected. Reassigning back to security team.
Comment 5 Thomas Leroy 2023-06-22 07:50:23 UTC 
We only build DECNET on cve/linux-3.0, and the branch seems to have the vulnerable dereference, so I would say affected.
Comment 6 Marcus Meissner 2023-06-27 07:14:28 UTC 
still should be fixed in SLES 11 SP4 EXTREME CORE LTSS
Comment 7 Marcus Meissner 2023-06-27 07:15:23 UTC 
https://seclists.org/oss-sec/2023/q2/277 is public
Comment 13 Thomas Leroy 2023-10-12 08:09:20 UTC 
Closing