
[ciqlts9_4] sctp: avoid NULL dereference when chunk data buffer is missing #1017

Merged
roxanan1996 merged 1 commit into ciqlts9_4 from {ciq_kernel_automation}_ciqlts9_4
Mar 26, 2026

@ciq-kernel-automation

Summary

This PR has been automatically created after successful completion of all CI stages.

Commit Message(s)

sctp: avoid NULL dereference when chunk data buffer is missing

jira VULN-160765
cve CVE-2025-40240
commit-author Alexey Simakov <bigalex934@gmail.com>
commit 441f0647f7673e0e64d4910ef61a5fb8f16bfb82

Test Results

✅ Build Stage

| Architecture | Build Time | Total Time |
|--------------|------------|------------|
| x86_64       | 28m 10s    | 31m 4s     |
| aarch64      | 15m 0s     | 17m 5s     |

✅ Boot Verification

✅ Kernel Selftests

| Architecture | Passed | Failed |
|--------------|--------|--------|
| x86_64       | 189    | 29     |
| aarch64      | 144    | 31     |

Test Comparison

x86_64:

  • ✅ Status: Passed - Within acceptable threshold (±3 tests)
  • Compared against: ciqlts9_4

aarch64:

  • ✅ Status: Passed - Within acceptable threshold (±3 tests)
  • Compared against: ciqlts9_4

🤖 This PR was automatically generated by GitHub Actions
Run ID: 23581213333

jira VULN-160765
cve CVE-2025-40240
commit-author Alexey Simakov <bigalex934@gmail.com>
commit 441f064

chunk->skb pointer is dereferenced in the if-block where it's supposed
to be NULL only.

chunk->skb can only be NULL if chunk->head_skb is not. Check for frag_list
instead and do it just before replacing chunk->skb. We're sure that
otherwise chunk->skb is non-NULL because of outer if() condition.

Fixes: 90017ac ("sctp: Add GSO support")
	Signed-off-by: Alexey Simakov <bigalex934@gmail.com>
	Acked-by: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com>
Link: https://patch.msgid.link/20251021130034.6333-1-bigalex934@gmail.com
	Signed-off-by: Jakub Kicinski <kuba@kernel.org>
(cherry picked from commit 441f064)
	Signed-off-by: CIQ Kernel Automation <ciq_kernel_automation@ciq.com>
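
Added example, not part of this PR or of the upstream commit: a simplified user-space C model of the two orderings the commit message contrasts, a NULL test made after `chunk->skb` has been replaced versus a `frag_list` test made just before the replacement. All names (`model_skb`, `model_chunk`, `pop_before`, `pop_after`, `dev_id`) are hypothetical stand-ins, and the caller is assumed to pass a non-NULL `skb`, the guarantee the commit message attributes to the outer if() condition.

```c
#include <stddef.h>

/* Simplified user-space stand-ins (assumptions), not the kernel's structures. */
struct model_skb {
    struct model_skb *frag_list; /* segments chained behind a head buffer */
    unsigned int len, data_len;  /* data_len == len: head holds no payload itself */
    int dev_id;                  /* stands in for the field read when counting a discard */
};

struct model_chunk {
    struct model_skb *skb;       /* buffer currently being parsed */
    struct model_skb *head_skb;  /* head buffer of a segmented packet, else NULL */
};

enum verdict { PROCESS, DISCARD };

/* Ordering the commit message describes as broken: chunk->skb is replaced
 * first and tested for NULL afterwards, so the discard branch, which reads
 * through chunk->skb, runs only when that pointer is NULL. The model records
 * the faulting read in *null_deref instead of performing it. */
enum verdict pop_before(struct model_chunk *c, int *null_deref)
{
    *null_deref = 0;
    if (c->head_skb && c->skb->data_len == c->skb->len)
        c->skb = c->skb->frag_list;
    if (!c->skb) {
        *null_deref = 1;         /* a read of c->skb->dev_id here would fault */
        return DISCARD;
    }
    return PROCESS;
}

/* Ordering the commit message describes as the fix: test frag_list just
 * before the replacement, while c->skb is still the valid head buffer. */
enum verdict pop_after(struct model_chunk *c, int *dev_id)
{
    if (c->head_skb && c->skb->data_len == c->skb->len) {
        if (!c->skb->frag_list) {
            *dev_id = c->skb->dev_id;  /* safe: c->skb has not been replaced */
            return DISCARD;
        }
        c->skb = c->skb->frag_list;
    }
    return PROCESS;
}
```
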
@github-actions

🤖 Validation Checks In Progress Workflow run: https://github.com/ctrliq/kernel-src-tree/actions/runs/23589220077

@github-actions

Validation checks completed successfully View full results: https://github.com/ctrliq/kernel-src-tree/actions/runs/23589220077

@roxanan1996 roxanan1996 merged commit e126dc5 into ciqlts9_4 Mar 26, 2026
15 checks passed