CVE-2024-39506

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: The issue is related to a NULL pointer handling path in the lio vf rep copy packet function. In this function, pg info->page is compared to a NULL value, but then it is unconditionally passed to skb add rx frag(), which could lead to a null pointer dereference. The call trace for lio vf rep copy packet() includes functions such as octeon droq process packets, octeon droq fast process packets, octeon droq dispatch pkt, and octeon create recv info. There is no code in this path that sets pg info->page to NULL, making the check seem unnecessary and not solving the potential problem. The code in the liquidio push packet function in liquidio/lio core.c behaves similarly. The estimated number of potentially affected devices and details about real-world incidents where this issue was exploited are not provided.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.