Description

In the Linux kernel, the following vulnerability has been resolved: net: phy: qcom: at803x: fix kernel panic with at8031_probe On reworking and splitting the at803x driver, in splitting function of at803x PHYs it was added a NULL dereference bug where priv is referenced before it's actually allocated and then is tried to write to for the is_1000basex and is_fiber variables in the case of at8031, writing on the wrong address. Fix this by correctly setting priv local variable only after at803x_probe is called and actually allocates priv in the phydev struct.

INFO

Published Date :

2024-05-01T05:17:56.555Z

Last Modified :

2025-05-04T09:00:18.778Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2024-26942 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-26942.

URL Resource
https://git.kernel.org/stable/c/6a4aee277740d04ac0fd54cfa17cc28261932ddc cve-icon cve-icon
https://git.kernel.org/stable/c/a8a296ad9957b845b89bcf48be1cf8c74875ecc3 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2024050125-CVE-2024-26942-2f72@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-26942 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-26942 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact