In the Linux kernel, the following vulnerability has been resolved:
net: phy: qcom: at803x: fix kernel panic with at8031_probe
On reworking and splitting the at803x driver, in splitting function of
at803x PHYs it was added a NULL dereference bug where priv is referenced
before it's actually allocated and then is tried to write to for the
is_1000basex and is_fiber variables in the case of at8031, writing on
the wrong address.
Fix this by correctly setting priv local variable only after
at803x_probe is called and actually allocates priv in the phydev struct.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Linux
Published: 2024-05-01T05:17:56.555Z
Updated: 2024-12-19T08:50:47.258Z
Reserved: 2024-02-19T14:20:24.197Z
Link: CVE-2024-26942
Vulnrichment
Updated: 2024-08-02T00:21:05.552Z
NVD
Status : Modified
Published: 2024-05-01T06:15:09.633
Modified: 2024-11-21T09:03:26.500
Link: CVE-2024-26942
Redhat