Re: [PATCH] net/sctp: fix a null dereference in sctp_disposition sctp_sf_do_5_1D_ce()

From: Xin Long
Date: Thu Oct 02 2025 - 15:27:49 EST

Next message: Gergo Koteles: "Re: [PATCH v1] ALSA: hda/tas2781: Fix a potential race condition that causes a NULL pointer in case no efi.get_variable exsits"
Previous message: Armin Wolf: "Re: [PATCH v2 0/4] platform/x86: acer-wmi: Add fan control support"
In reply to: Alexandr Sapozhnkiov: "[PATCH] net/sctp: fix a null dereference in sctp_disposition sctp_sf_do_5_1D_ce()"
Next in thread: Markus Elfring: "Re: [PATCH] net/sctp: fix a null dereference in sctp_disposition sctp_sf_do_5_1D_ce()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Oct 2, 2025 at 5:14 AM Alexandr Sapozhnkiov <alsp705@xxxxxxxxx> wrote:
>
> From: Alexandr Sapozhnikov <alsp705@xxxxxxxxx>
>
> If new_asoc->peer.adaptation_ind=0 and sctp_ulpevent_make_authkey=0
> and sctp_ulpevent_make_authkey() returns 0, then the variable
> ai_ev remains zero and the zero will be dereferenced
> in the sctp_ulpevent_free() function.
>
> Found by Linux Verification Center (linuxtesting.org) with SVACE.
>
> Signed-off-by: Alexandr Sapozhnikov <alsp705@xxxxxxxxx>

Fixes: 30f6ebf65bc4 ("sctp: add SCTP_AUTH_NO_AUTH type for
AUTHENTICATION_EVENT")

Acked-by: Xin Long <lucien.xin@xxxxxxxxx>

Next message: Gergo Koteles: "Re: [PATCH v1] ALSA: hda/tas2781: Fix a potential race condition that causes a NULL pointer in case no efi.get_variable exsits"
Previous message: Armin Wolf: "Re: [PATCH v2 0/4] platform/x86: acer-wmi: Add fan control support"
In reply to: Alexandr Sapozhnkiov: "[PATCH] net/sctp: fix a null dereference in sctp_disposition sctp_sf_do_5_1D_ce()"
Next in thread: Markus Elfring: "Re: [PATCH] net/sctp: fix a null dereference in sctp_disposition sctp_sf_do_5_1D_ce()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]