CVE-2024-38584

net: ti: icssg_prueth: Fix NULL pointer dereference in prueth_probe()

Severity Score

"-"

*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved:

net: ti: icssg_prueth: Fix NULL pointer dereference in prueth_probe()

In the prueth_probe() function, if one of the calls to emac_phy_connect()
fails due to of_phy_connect() returning NULL, then the subsequent call to
phy_attached_info() will dereference a NULL pointer.

Check the return code of emac_phy_connect and fail cleanly if there is an
error.

En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: ti: icssg_prueth: corrige la desreferencia del puntero NULL en prueth_probe() En la función prueth_probe(), si una de las llamadas a emac_phy_connect() falla debido a que of_phy_connect() devuelve NULL , entonces la llamada posterior a phy_attached_info() eliminará la referencia a un puntero NULL. Verifique el código de retorno de emac_phy_connect y falle limpiamente si hay un error.

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-06-18 CVE Reserved
2024-06-19 CVE Published
2024-09-20 EPSS Updated
2024-12-19 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (5)

URL	Tag	Source
https://git.kernel.org/stable/c/128d5874c0822105ae9556d5435fb8562aff2e3b	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/5cd17f0e74cb99d209945b9f1f06d411aa667eb1	2024-06-12
https://git.kernel.org/stable/c/b0a82ebabbdc4c307f781bb0e5cd617949a3900d	2024-05-30
https://git.kernel.org/stable/c/1e1d5bd7f4682e6925dd960aba2a1aa1d93da53a	2024-05-30
https://git.kernel.org/stable/c/b31c7e78086127a7fcaa761e8d336ee855a920c6	2024-05-23

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.6 < 6.6.33 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.6 < 6.6.33"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.6 < 6.8.12 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.6 < 6.8.12"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.6 < 6.9.3 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.6 < 6.9.3"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.6 < 6.10 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.6 < 6.10"		en		Affected