Wind River Support Network

Description

In the Linux kernel, the following vulnerability has been resolved:[EOL][EOL]net/mlx5e: Harden uplink netdev access against device unbind[EOL][EOL]The function mlx5_uplink_netdev_get() gets the uplink netdevice[EOL]pointer from mdev->mlx5e_res.uplink_netdev. However, the netdevice can[EOL]be removed and its pointer cleared when unbound from the mlx5_core.eth[EOL]driver. This results in a NULL pointer, causing a kernel panic.[EOL][EOL] BUG: unable to handle page fault for address: 0000000000001300[EOL] at RIP: 0010:mlx5e_vport_rep_load+0x22a/0x270 [mlx5_core][EOL] Call Trace:[EOL]  <TASK>[EOL]  mlx5_esw_offloads_rep_load+0x68/0xe0 [mlx5_core][EOL]  esw_offloads_enable+0x593/0x910 [mlx5_core][EOL]  mlx5_eswitch_enable_locked+0x341/0x420 [mlx5_core][EOL]  mlx5_devlink_eswitch_mode_set+0x17e/0x3a0 [mlx5_core][EOL]  devlink_nl_eswitch_set_doit+0x60/0xd0[EOL]  genl_family_rcv_msg_doit+0xe0/0x130[EOL]  genl_rcv_msg+0x183/0x290[EOL]  netlink_rcv_skb+0x4b/0xf0[EOL]  genl_rcv+0x24/0x40[EOL]  netlink_unicast+0x255/0x380[EOL]  netlink_sendmsg+0x1f3/0x420[EOL]  __sock_sendmsg+0x38/0x60[EOL]  __sys_sendto+0x119/0x180[EOL]  do_syscall_64+0x53/0x1d0[EOL]  entry_SYSCALL_64_after_hwframe+0x4b/0x53[EOL][EOL]Ensure the pointer is valid before use by checking it for NULL. If it[EOL]is valid, immediately call netdev_hold() to take a reference, and[EOL]preventing the netdevice from being freed while it is in use.