Bug 1219125 (CVE-2023-46343) - VUL-0: CVE-2023-46343: kernel: NULL pointer dereference in send_acknowledge in net/nfc/nci/spi.c
Summary: VUL-0: CVE-2023-46343: kernel: NULL pointer dereference in send_acknowledge i...
Status: NEW
Alias: CVE-2023-46343
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P3 - Medium : Normal
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/391984/
Whiteboard: CVSSv3.1:SUSE:CVE-2023-46343:6.5:(AV:...
Keywords:
Depends on:
Blocks:
 
Reported: 2024-01-24 09:08 UTC by SMASH SMASH
Modified: 2024-04-08 06:50 UTC (History)
3 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Comment 3 Joey Lee 2024-03-01 07:20:06 UTC 
commit 7937609cd387246aed994e81aa4fa951358fba41   [v6.6-rc7~28^2~23]
Author: Krzysztof Kozlowski <krzysztof.kozlowski@linaro.org>
Date:   Fri Oct 13 20:41:29 2023 +0200

    nfc: nci: fix possible NULL pointer dereference in send_acknowledge()
    
    Handle memory allocation failure from nci_skb_alloc() (calling
    alloc_skb()) to avoid possible NULL pointer dereference.
    
    Reported-by: 黄思聪 <huangsicong@iie.ac.cn>
    Fixes: 391d8a2da787 ("NFC: Add NCI over SPI receive")
    Cc: <stable@vger.kernel.org>
    Signed-off-by: Krzysztof Kozlowski <krzysztof.kozlowski@linaro.org>
    Reviewed-by: Simon Horman <horms@kernel.org>
    Link: https://lore.kernel.org/r/20231013184129.18738-1-krzysztof.kozlowski@linaro.org
    Signed-off-by: Jakub Kicinski <kuba@kernel.org>