Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
In the Linux kernel, the following vulnerability has been resolved:net/mlx5e: Fix macsec possible null dereference when updating MAC security entity (SecY)Upon updating MAC security entity (SecY) in hw offload path, the macsecsecurity association (SA) initialization routine is called. In case ofextended packet number (epn) is enabled the salt and ssci attributes areretrieved using the MACsec driver rx_sa context which is unavailable whenupdating a SecY property such as encoding-sa hence the null dereference.Fix by using the provided SA to set those attributes.
No PoCs from references.
- https://github.com/fkie-cad/nvd-json-data-feeds